{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6918523c-f850-52e4-99f4-696386f2c83d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2", "type": "library", "group": "org.springframework.security", "name": "spring-security-messaging", "version": "5.6.10-tuxcare.2", "purl": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b84af323-ced7-58ea-97e0-9e22781561a1", "id": "CVE-2007-1651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1651 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d8ea04b-88e4-51b2-9599-6d5a2deebc7d", "id": "CVE-2007-1652", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1652 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96a09a7e-a340-534a-897e-34e109fd8eab", "id": "CVE-2020-5408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5408 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9580dc23-80d9-5899-99cd-452508bcec6d", "id": "CVE-2023-34034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34034 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc58276f-2a3f-5b46-b5b0-999382f1ee4d", "id": "CVE-2023-34042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34042 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7239ff20-5579-50ff-81f8-45670eed6520", "id": "CVE-2024-22257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22257 is fixed in version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f190574-b140-5483-9165-b71ee858ac5c", "id": "CVE-2024-38821", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38821 is fixed in version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:070d0876-2730-5827-8311-443c27c3dd1f", "id": "CVE-2024-38827", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38827 is fixed in version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15e202aa-a367-54ac-aa9d-a715b0fff1c0", "id": "CVE-2025-22228", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22228 is fixed in version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f200479d-50fe-5e84-83f6-b3e5492645e0", "id": "CVE-2025-41248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41248 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ceff4fe0-b92e-5043-b4bc-bfd6062f6339", "id": "CVE-2026-22732", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22732 is fixed in version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9dfee06b-452f-53ea-b80b-2b1301fcf8e7", "id": "CVE-2026-22746", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22746 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:287fb7ac-f2f9-5258-b869-9e7af02bd1d4", "id": "CVE-2026-22747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22747 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbf5c022-a096-5b6b-b97c-df1e88dd3a85", "id": "CVE-2026-22748", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22748 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08a5635a-9c39-5425-865c-afd93ec50a7b", "id": "CVE-2026-22753", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22753 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65f4f32b-e0f4-5af1-afb3-074132d11cb2", "id": "CVE-2026-22754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22754 affects version 5.6.10-tuxcare.2 of org.springframework.security:spring-security-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.security/spring-security-messaging@5.6.10-tuxcare.2" } ] }