{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dce9383b-bf58-52e8-aa0e-54b351b098bb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "5.3.7-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b86f12c9-9fbf-5118-86b8-cad085be153c", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72fcff3c-fc39-580b-ad49-bd45c88f4266", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8549537d-613e-5964-9490-74e5dae879bd", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35e2b7c2-ae32-5b95-abd5-6b48f552d9ef", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e53bcef7-9805-511b-9c3b-16c70df5e2e2", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:212c3a7e-f7e7-5843-928d-76a35ff00c69", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2e5caac-9ae7-5931-b0dd-86142d215df5", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f7b49c5-d013-53a9-be91-b600f84407f1", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:536f415a-242a-5c2d-b0c6-78a2e8c9f956", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3614e770-b825-5342-a4ac-09ecd345fb1e", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1aa8e97c-de81-57ea-aa9a-f66ce81eeb9f", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32f1186b-c12e-5af2-a33b-7e8f6c78a88f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5235dbc-26cf-5bdb-bcd4-9a69b23d9744", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2bff48a-a176-5876-baeb-13e45b43e459", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71a27820-ddd0-59d9-b4b1-310eb24dcb5a", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c477da3-b4ce-51df-a591-6f16b809f38a", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a39b7d04-eac1-5d95-af8a-60c88331a693", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c82b328-84be-50e6-83c3-8bb97db20143", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e35fb6ff-19e5-5ac4-a87c-1df27f020e2e", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89bb8942-d53a-5034-8993-57c25d546509", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4eb40435-0e7b-5de5-a35d-0e39c5ba036e", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1690008-fd5e-55b4-89a8-7f7c04284a6e", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-messaging 5.3.7-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18638ae5-a961-5cfe-8813-dcc36bf8ca73", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23265703-ca17-5e09-8bc6-851603560cb3", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9958e2f1-5191-57b0-b6f5-2626bc696f4e", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a153994-9127-5475-95be-a94c4a8b5b1e", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:658aeb6d-97f8-514e-96dc-c2ec15238e37", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.1" } ] }