{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0ffffdb5-b355-59e1-9a39-f0a0d339fa72", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "5.3.29-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1cc00010-913e-548b-a0e4-0c719569f3b5", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b1ae549-da02-547e-b518-a2217959beb2", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a61e00b0-b46f-5064-bbd0-25679ca733ca", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3a3e0dc-16d0-5a9a-8739-ab24023a5604", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:54ead9c7-53d9-5f7c-95ce-725b649082ad", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92f3f8b8-acba-57fc-bc14-c1468e6f7bee", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8449ef94-abd4-58e7-886f-3cb23b9f98a9", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3c100c5-bf5d-5698-9264-3f5658ca17c3", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e3e7041-fb5e-51f3-a235-8ca7ef95435b", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4aba75e5-33f8-5bb8-91e7-1dcaa275865c", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8aa6bd33-1452-5d4d-9cb1-cf8ba6995d08", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d65d4752-8560-59f6-b44b-ad68c367cd0d", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-messaging 5.3.29-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:acd21a00-c4c5-5e92-a7d0-85247451b012", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58ca6eda-2b66-5e6b-b3fb-f27d9892935f", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80045214-a0fb-50df-a90d-8ae6aa903d72", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b72f1df8-32b2-53ea-8484-a3cb9a7510de", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34ae6545-f02a-5956-b422-6e6b9c8e8036", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.29-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.29-tuxcare.2" } ] }