{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7da5d83c-869b-5ffc-9ca7-10e6569aa9da", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "5.2.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c9b3b019-dfe4-55f7-9e95-7a7f37b84953", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7924c26c-977e-537e-96e3-4c23e40542a4", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:357dc90b-e26c-5e41-8f28-703ccbcb4b02", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8023ed49-0bae-5f46-9f0d-719d7f76b082", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd651d1c-2b30-5ecd-8cde-7bcc4a7681dc", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:532cb278-f79d-5a9e-a578-a9704a3e834f", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88f64081-7f95-5fcc-9bbe-947fc5e1b218", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c71b1fa4-555b-5865-b06a-4553aac6ebe6", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a8d6f85-37c2-5ebd-9791-a8522efa2e72", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:62b99b9e-ce3d-507f-ac28-1f8699fd95aa", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a7baffab-276b-5d62-ba5d-94848d2e3abb", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fc0f8a00-f894-5509-b3be-a4721ecc5b7f", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6972d083-2e50-55a5-bc43-7a9efbdd263c", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea304da1-201a-5d66-a266-8c5b7d002673", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea177419-5bee-5aa7-a101-d10562fb0621", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a261673-c602-581e-9950-876b6dea9f0c", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80eba1a2-c21f-52bb-9ad7-42ab27d9ac24", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fbbd2ae4-64ca-587c-a985-0891e736bbb3", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:28e8c9e6-3108-56cb-b624-0384f5a71753", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-messaging 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:027759fc-562e-562c-902d-b1382b7aaa01", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6c824c2-8dbd-593c-a03c-b639e0bb77a1", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8f23796-45ba-586d-ab08-e02bf48c9537", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:710d8e0f-02f4-50fa-b9c0-b57edd47d42f", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a30065f-adf6-5b45-98c4-d283afc3a7e9", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-messaging 5.2.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30ee9361-f226-5079-9393-877dbe11761f", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.3" } ] }