{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ed942a4d-1c59-5248-ae74-fd342150a270", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "5.3.7-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d4b43606-8675-5baa-ae47-74f806919e17", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edaf03d6-5bfe-5f2d-bdd5-a7728ab4f0ef", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b14733a-302d-546d-8ef1-09300a77fd53", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e31a246a-7b30-5179-bfce-03d145232dd9", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:afaee8c0-3a0c-572a-9eba-6010e9b28ebe", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b142aa9c-bb7e-5e64-b104-289bd9fd5eaa", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:146fc758-2c29-509a-8627-488e953b5874", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8ffca9f-3b89-53dc-88e7-ce91de9be082", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00fc1725-c22f-5143-bea1-101f961c2449", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:866c2d4d-8c18-5bc2-8645-f8a4f87bda9c", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:356b3ebd-ec36-5e9f-8b38-6eeac0129908", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4fd0ecc-3e72-5b84-b9a4-c7c97ffa5450", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:977f0011-1067-547d-b337-5dc94a18a1b4", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ddc737e-c54b-532c-b11a-09776c46ed13", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a735ea2e-f864-5e4b-aaa6-33538f0860a1", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b75ddffb-a86f-548b-90af-bd9b05db244d", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7cd59fe6-fed8-5d72-bba4-b7ad94081148", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4afe1df4-babf-5ed6-a723-02afae15499d", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:011028cf-179e-5dd1-bda2-2fb02cefb3ab", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9fd6d074-1b3a-54ed-b539-ba04032ee9f9", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:328d4703-2a96-5ffd-a36f-338dc86d2668", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ee99fe1-82f0-53a2-911f-2d479b4cfbc9", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-messaging 5.3.7-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7fe34a08-5de2-5d77-8cf6-e633be5fb277", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75dca31e-a124-5e9b-b928-439c76653d38", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1dbe0f2-9f1f-5d35-b89f-1e3e9ef653f9", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3144f3df-5e67-502b-accd-4bd4524a4e55", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26936724-d4d2-5277-9cbc-d6a1889bd729", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.7-tuxcare.2" } ] }