{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d814226e-2cb3-5f70-a0c9-45a6391f4001", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "4.0.0.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ffb2db21-3134-51b8-884b-a56d27af1da1", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72700641-738d-5b38-9af6-f4ab11021caa", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e25e69a8-c2f5-5992-81c9-c3d775f0a158", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:95e802a0-5aa7-5cc2-9877-9d49c4d69ac2", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b216b6ac-b573-5df1-b6a1-d024387f4044", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:45efdff5-d702-53fc-a6f5-9d360dcd5929", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d4e2ec76-b0b0-57ef-b21f-361fe2c21042", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b342bd61-891f-51ec-93f7-9281e365d977", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4230c9f-4879-5a22-a731-45077d7f7156", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e56a1478-48fd-5129-a949-df1e1d287612", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a40ab479-b3d4-5327-a814-72b7f23d323b", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ddded0f-e7b8-5531-96cd-47cf0c408826", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d54aacb3-320e-5596-b2e4-182574447372", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-messaging 4.0.0.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f33da96-e6b2-50cc-ab42-5b5f2ffbe041", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5f82b0a5-5d0b-5064-8f12-eb69b5b3e2d3", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:620590b5-4328-5abb-a4ac-5793c8ed26af", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0988fa14-58b6-54dc-8f23-a41f0b68a642", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:12071237-ddb8-57dc-b378-0c2322f92cbc", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e9ff4357-ffce-5d7a-834b-a383643cd769", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5959a564-f4ec-5a4b-9dd9-af4679c95482", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e42b0fa-0b05-508a-a818-d9e1d27243fa", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:15eb3527-d6e4-5fd4-a8b0-f263a7cdced2", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5349c51b-c1c5-5647-a1be-969ea2e0442c", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b1a1f64-2cf5-593f-be87-a221c125cbfa", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:013cf6c1-c9cb-52af-b81b-d426742772a4", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3ed6ad12-fa86-5a34-a053-1af7096a535e", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4e11a6c4-db76-5143-9414-fc4370331c2a", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d18c6151-912a-591b-8009-1012407eae52", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fbd50e06-3161-560e-a2fb-d7aa09ac1d90", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f860a099-aa95-5409-b850-5ef866ff4680", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb9fc6c9-b847-5f44-a2c0-54858f0f0af6", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a453d5cc-a0c0-5cc9-a368-5cf471a125ef", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:539e5e7a-213e-556c-8625-26f774769670", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8decb642-ddd7-5cc0-bbbe-898c3945b2c8", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:313f8ff5-2aa7-5a65-b1f2-fbff72878494", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2414a26d-c52c-5e29-942a-3b6ab9abddab", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77ecbd8f-f588-5dcd-aa97-7c797f8f107d", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:01304f2f-8261-5553-9456-3b9f157c0b2c", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:742fae81-2f07-59e9-bf05-6d9bbefee023", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a919005-5b0d-54cd-83d0-60cd406619d4", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52f6fa58-92cd-5dab-b376-e66752160a9a", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.0.0.RELEASE-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.0.0.RELEASE-tuxcare.3" } ] }