{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d812c391-1fa6-597f-931a-b11d221fbc06", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-jms", "version": "5.1.20.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1f0d7b38-0656-578a-9da9-63467513330e", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f7c1481-c62c-5d44-9710-92fa4fc14b91", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56f88d5d-5f4a-555f-9d1a-dd65fed516a3", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a756772-6701-5760-9fd9-a013297c2d80", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abd34213-399c-53d6-a701-6c7e1fd09f84", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16deabff-b1ff-5673-aa1a-3711e996ad2b", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc5532f7-8593-5baf-83af-db6a97e0af23", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ff6ef29-0256-590d-9c68-ccd2a7b3151f", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91d864b8-6049-5f1d-9c8d-1005351c299c", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40e371a1-fd1c-5fd2-b3ec-07558c5417e9", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e73778c9-9b9c-5930-8305-0164ea3acef1", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f9b086e-fa2b-5e53-9ce3-377f5b5e25ba", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ae1ab25-f374-5973-bd2b-ad9c41aee439", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44592591-3ad7-514b-8ed5-cb08fb5100b4", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f98c2f8a-80de-5443-8f45-dd8f2d07dd41", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d22a974f-a593-5a38-9690-5b2be73e5452", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-jms 5.1.20.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8b90882-b9d4-5354-9671-d7d3a1d64908", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:006f9cea-bbd3-5ddf-8ad0-306efa8b9aaa", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cadc0b9a-1d4e-5042-bf09-c6a574163db7", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1402af6-75a5-58a4-8482-9fa021e2e0fd", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71dc5b08-cba7-5c85-9499-151ac42b3661", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:677a72ee-c386-5990-a247-26a7710ec341", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80f5d091-d61d-536c-9d85-c10d94cf4929", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d960978f-f13a-50f5-8620-0a64466ea244", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d30253b2-842f-5087-8715-61a0e55f586f", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.20.RELEASE-tuxcare.1 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.20.RELEASE-tuxcare.1" } ] }