{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b5d90eb4-d102-545f-b1fb-697087c4d4bb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-jms", "version": "5.3.24-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3d6a0ba1-afd8-59bb-a42a-f4e2fbd0254d", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30e370a8-b080-517f-84ff-59b1a49efe02", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:665fde0c-ff98-5167-8a4c-8f46cc892fe7", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fcd456ae-088f-5c6f-b2d4-74906e758963", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:522bdcb5-6e50-5ce4-ae07-a1aafa7d9334", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:68a57411-ff16-500d-8f69-70a4d70f655e", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dadc68ca-96be-55c1-b8be-138afda7eb81", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c0683f4f-5c07-5ab4-8c53-836377635f62", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:789e3221-bf7f-5600-80ab-62cc87c55dc2", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eac578e7-05c5-5397-88ec-7ec442833fb6", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eccf85b6-bad7-57f0-9980-ec05c03c8c1f", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f90837ca-5cf4-5d7e-8b75-07fa96eb2e79", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19ae1511-c4bd-573b-beb3-a942bdc7420a", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0175326a-aa5e-568e-a9e2-bbac82e2751d", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04161ef4-264f-599b-a0f8-97ef310827bd", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e60534e0-a4ec-5920-b7f0-b1842d0dcbb4", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a79872f-1ed2-5102-929a-2e97ae4d9fa4", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3120ff90-1095-5ebe-a6a1-3da60441acad", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c03af1cf-82f1-505d-b70c-40d40bb5e5c5", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3fdbbc37-3e18-5707-abbe-486d08cf6390", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d6ce486-d3d0-5643-a767-716e6303feb8", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9ad97b14-dd1a-5ded-904f-556d7f957e6e", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c96cee3-c1d6-5a84-a946-d270c8c202fa", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6fd60dfa-df12-53e4-ac8b-7a4221fa0074", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:90f5b072-bd75-56d4-85e3-135c44bf8d2f", "id": "CVE-2026-41840", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41840 does not affect version 5.3.24-tuxcare.3 of org.springframework:spring-jms. Patches already applied: 7052da453285658215efc1dd5ecb0d472fde2de1 (already in target via 2c11852775 'Backport CVE-2026-22740 to 5.3.24')" }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac9731d2-2ab4-5239-975c-899dd9f394ba", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:84e3354a-b4e2-5b2e-bd49-3d3da2a600d5", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88468102-1e22-5645-adb0-8048699d700a", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d7900f14-675a-5d5a-bfe4-6f9eaca142c8", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e337e39-dcc5-5dbd-888e-bd3f35535ea4", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:05eb24a6-251d-5925-b5c2-a4834d924624", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10c044a4-e778-5060-82da-7b49cb250e50", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a5abe88-793e-5bc6-897d-2116513b9b2e", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8e544586-d8ec-5357-995c-1b549231b9f1", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:876b3f10-2493-5b13-9ce0-acaedb4e56f0", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed6057a6-4689-5e72-8c9e-ca1272e8efc2", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e0be3f1e-a397-5b69-b8ee-a052df897e77", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8c7c54bf-1835-56de-b198-cb2c4c7fb530", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31f504cc-ee28-5fc7-911a-0e0b0e9b6f2d", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.24-tuxcare.3 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.3.24-tuxcare.3" } ] }