{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b5766b51-14e5-516b-9e87-213d9e864f2b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "5.3.31.tuxcare", "purl": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b207c029-9203-5f53-8db1-4f45e5268204", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:d60b5157-8030-5bfd-9918-5c1f7f6e63cb", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:04a05549-b1e8-5325-b183-4fec6887e995", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:131e59f3-9401-5ee0-b008-0ad204f2a550", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:d17a13bf-f87b-59a2-b5a8-b776e9c32af0", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:6f2a3cf6-5e20-5789-9616-fd83d9569960", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:2ec60c24-6204-5b02-af8d-c84f972040e4", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:18f74f60-18f0-50e7-a29e-8f19fe9a0944", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:ff9227c1-bee6-5a2a-ae18-f3cfc272037b", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:6909a93f-ca60-5049-950e-ff41137f68c5", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:ee58066d-f148-5dbd-a25b-7272b58911a9", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:107076ba-76fe-500f-aafe-98f42f545649", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-messaging 5.3.31.tuxcare." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:f6d6d12f-cc8d-5f63-bf0c-a58af1e802cc", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:5228d261-3fea-5e03-ae3a-ed23677b0bce", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:e1e0e2ab-c069-5399-b180-a064a5b579ab", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:5a65211c-c829-5377-b421-570d819d7c2a", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }, { "bom-ref": "urn:uuid:b6b226d5-3443-513e-bc3c-082dd088c802", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.31.tuxcare of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.31.tuxcare" } ] }