{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b0b04c0c-b4f6-5a8c-bff4-5b2c871a6e2d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-jms", "version": "5.1.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e341563d-3db1-547e-b68e-ec28c5d2c0dc", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:957073d6-bb82-5340-b50f-9c0ce3ad703d", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57300017-611c-5de6-b7ec-f05c471e5af0", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3cf4e219-9f10-5cc0-8181-ca41f57f3208", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93aac2a8-8e1a-5cc9-918d-bb38dbd974e5", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:efb61487-59fe-56af-9535-2dff246d6045", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95d815cd-16b3-58d0-aea9-9d49774ba5eb", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:738984b9-3f95-5c25-b5cc-7b5017dd9ab1", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95ea98f9-199f-5a4e-bbac-85e6541a6698", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:461040e1-a212-556c-8b17-50f018d8bdc1", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3bc8749e-c947-5434-9045-5509e3ac0e55", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ded1d64-5b45-5e16-8905-3190aa4285ea", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79799dad-da24-54cc-a4d2-ed8ca544724f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28ca8c2c-70cc-56f9-b8a3-9d07fac56937", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d82baa7-6b60-53ee-ac61-527227d8ce76", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b0d8792-f5bf-5ca0-9f65-966eb8ba042a", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3bd63d22-75a8-534c-b25c-731d4644526c", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-jms 5.1.5.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:877d806b-da26-55ca-8d39-025073207d1d", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfa5aacb-382b-5514-85e4-fe0c69a2ff95", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0365dbcc-46b9-59f0-aeb2-ef36006a2450", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00358680-703f-5126-a92f-1745a9703064", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a959969-e137-5988-9b9d-febbde0b7f8b", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7f76806-95ad-5095-b375-7e2f9e49faa8", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3f96fc4-1ac5-544a-abec-ef876af3f77d", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93eddc12-53b1-5001-a8c5-2fdeca9058ee", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d083bacf-3241-5f4b-b581-9aa4636f05e7", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6bcbbb6-aaff-58e2-acc7-79a5d4f05994", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3579e646-aa4f-55b5-bd8b-03c7473f5bd8", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dab4d049-8c4e-51f2-b618-d00e19fa96a0", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }