{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d2f097da-75d1-5874-8e24-d2a9b39db85c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "5.2.13.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a1650283-d559-53f0-b33c-d7dfe6abf147", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3499a59-15fb-5b03-8bdb-b7f600b4d9c7", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f19dd67-a73f-5f6d-a128-6e028569fbd9", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3ad276d-7e18-5cf8-8360-9e61d51a4a6a", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:757a80f0-6359-5be7-adcd-744f30848024", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:362bd592-a609-5963-b82c-2fe4f8a84347", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9afccc1-0a7a-51c1-83c5-f1501eb06c19", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eda13a1c-1b37-5e02-8815-1128a42d4c3a", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:364db5dc-6aa0-57da-a42f-29c090ab06b7", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:137a6ca9-a9d6-513c-b6cb-7d8be0cf48ae", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:373c50d6-80c3-5d99-b07c-e15e4291fe92", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec220ac5-306c-54f6-832a-727b80963544", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4a879df-3c36-53d8-8da8-3d643625ae4a", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8197b28-01c7-5281-8b3d-4e288cb1db88", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e97d6aa-ff0f-5587-b1c5-6d38424b3f86", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c28b3a4-b48d-506d-9283-18524bc6e09d", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e8b9cf9-87b2-5a03-bb93-ab2fc188ef1d", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39aa5388-3e33-5ba2-a42d-1f638ce95839", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee0ea3a1-91a6-59e5-9dc6-e9aca0ea3f52", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e63a48c5-8b75-54c6-b727-85a8e2262872", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c742958d-9c8d-5efc-b57b-890035507067", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa7ee39c-ea28-5515-81d0-3bb50f7e0e4b", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7889695-f421-556c-bd1b-ae3898d46a1a", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.13.RELEASE-tuxcare.1" } ] }