{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:97dd9911-b9c0-5666-8c5b-6fa69ac70348", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "4.2.9.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:84c0c92e-2492-5401-99b9-1da2f7d4cc68", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb4eb5dc-0e4f-5c88-965f-d11824f9dc1e", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f0fd0e8-62d0-593e-bf13-6b04401491c3", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1dd3d7a6-0f96-5467-86e5-eed684144b2b", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:284e1e43-6171-5b9d-8821-76c7317dbf9d", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:966b49da-1b21-554a-8b36-a01ac4c26392", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5614bac9-b421-5c5b-948d-77dfbf770c8e", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87aa3763-62b8-5ae9-b411-aa63517e31b6", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d19a83d9-3011-51b2-973e-5a3b0145b521", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e4947a9-a105-5101-9696-7c3f3ef7c9d6", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28bfc11c-2395-51d6-b2fa-10ff387893dd", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:962a3a73-ccf9-5fb6-9355-c949241f0787", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cad0cb0-7f71-50d4-b72c-45ed941c0f59", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d56093d7-b725-5368-b86e-ef03e39d7392", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f36f2fdc-bb03-58a4-b962-994e5f81a6c0", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a28d92ae-f264-5b62-8443-01c95c4511b4", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:497705ea-be6f-55a5-940f-6974dc3ee4ee", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17cbb612-c5e3-5552-b977-973af1fdd314", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1a2fb85-3c35-586c-a805-f7480c553783", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:409dd4e5-936e-5bd0-a8a4-4824735ee2cb", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5485a46a-5bf7-5cad-b201-1668e6aa676e", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f41425f3-21a4-5665-a6cc-ecd70c18d904", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f8e3e84-8d6d-5289-a0a7-bbc7f7b38ef4", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c94ef8dd-c86b-5ad1-9f97-6e48a9ed4141", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6f9d71b-cb83-5536-a7e1-16d5baded206", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9157e095-b1de-513d-9434-7adc6c3104e0", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df1f6136-6d59-5a29-88f4-142f9c48827e", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:708ad637-ddc5-5595-89ee-b3b336f78034", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.1" } ] }