{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9fbb00ae-365a-5406-a966-e23546b8027f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "5.3.37-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8b2327f8-efcc-5659-86a1-5880ab804020", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f1630c1-a8f4-551f-9d10-f11e36f27652", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.37-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11761116-ea4b-5151-a740-a8581a87dc0c", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1e9ce61-a191-5e45-b89d-f0814552a91a", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.37-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2ccaca6-8302-571f-89ba-3dafb28da313", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1416652-21a9-514d-85ae-4e5de8011f59", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7aae7e6-178b-539e-a067-49c491cebc23", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc99918e-63e9-588e-8486-8b2e06ab4e02", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.37-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:adc723b4-47ad-5f09-ab97-0a626ae3b080", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a941a0e9-4a69-5984-9bbb-53dd3f90737a", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.37-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7dfbecd6-8f48-52ad-9085-5897fed43651", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6faa7bc6-b00a-596c-91c8-2550ac7f924c", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71b5b5b5-e0ca-509d-87e2-46948fea637e", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.1" } ] }