{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:402d9bc2-07c9-5108-a716-94f172388745", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "5.3.24-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b0b5908d-6f85-5c54-ba0c-58351a821d32", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10615838-04b5-5c39-90c5-7ff769071087", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dcf5758f-ceac-5a00-ba19-c9fbf39a6ea5", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea64e8e0-8d89-5d72-ade0-6e3d913e364c", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1edf1911-41c4-5c07-b0f6-d969ceb69768", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:168f3527-2718-5d5b-b487-d82c64197fc2", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3c649202-85f2-5942-839b-a2cd3f2f0a04", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b1c60b0-51ef-5c4a-a941-1c279447f594", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:544ad654-69ef-5d14-ac1a-b07c2ee55976", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:418ca5a1-dac5-5cc2-9e28-fa5f53082096", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:280a1357-876d-5667-837b-0ac2c70d7468", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80a85ddf-f9f3-5f9c-a782-b259f5f5312b", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f27c93f-edb8-51e5-9833-4a23fea48e33", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b66c03a-7dd9-5f5f-81dc-6be9a6bfa353", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:65b2f62d-1563-5172-bec1-f6ba7802cb57", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18633ff8-b8bf-5b48-92e3-6733f4fc05d4", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb29086a-b386-5fef-b80e-bc4eb856c254", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e42864d3-2093-58a8-937b-366b1cc95b6a", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ee77d172-1499-5a5a-aa0f-ff3c284c9394", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:626526b3-abb3-5430-8974-f0953670e436", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6cefb60e-ee64-528b-856f-0120afec8b43", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bdb2484c-08ac-53c3-a4fb-69f8bf65faaf", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:989537e1-34f6-56ba-8262-1ed8789cb3ef", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:84c90ca7-aa8c-54b1-82bd-f71ca24f1eac", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4236e2ad-6db5-58ea-ba95-5863411b2f8b", "id": "CVE-2026-41840", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41840 does not affect version 5.3.24-tuxcare.3 of org.springframework:spring-messaging. Patches already applied: 7052da453285658215efc1dd5ecb0d472fde2de1 (already in target via 2c11852775 'Backport CVE-2026-22740 to 5.3.24')" }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d83531ba-70c8-5eda-bc0e-90b17689f943", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b98abcc9-41da-552d-906a-4cc163e6e45a", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:47172557-6257-5191-9cba-1c9d6232e36c", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:92e5f82e-7bc4-5272-a1d1-d16182641cee", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a9280875-223d-5a38-bd0b-0e642f5dc8b3", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ee8964e-d527-5fc2-9e8e-cdee305d10de", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ac59bc5-6caf-5d7f-a1dd-63b16c607c6b", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e1ef885-ccd4-56fb-b954-fd694fed088e", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e4ac684-c4c3-55cd-8169-b598e227c874", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e20e2610-1edb-50f7-9c57-6c456821e634", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:219cfb22-9283-50ea-9636-9399db20fd54", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:22b6fb04-790f-5876-9656-13b449562145", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:823a25b4-d6ef-51ef-9b36-f3dc77a76948", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d4665565-2400-514a-a172-e3c7a9a27fdc", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.3.24-tuxcare.3 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.24-tuxcare.3" } ] }