{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6f337eb8-ba1b-502b-a1d3-991cde49a9cd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "4.2.9.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d3d2a0fe-80f2-5d1b-9e9f-be882dc57cae", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27d12904-9a27-5c44-882d-e866495da886", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:440e0c5e-255d-550f-b350-9c16b0a715cd", "id": "CVE-2018-1257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1257 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce304f31-6a04-5180-9f92-277c36a9dd14", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d866805a-0e93-587b-80f2-b77beba7309a", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:838e1290-0a0c-5e62-97af-a508f1d373d0", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9e89af9-deac-5551-8130-bc2e6245245f", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2936fb2-984f-5944-832b-1d3b2a7ceae3", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6ce702c-32f2-518f-ac92-29c1187072cc", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c08d963c-0094-514e-997e-77871d966f29", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fbb0876a-c987-56e7-bd41-88e2554f7741", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15b9c26b-4a01-583b-8393-ac88416a9984", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc02b99a-e31c-5114-b426-c776d786531f", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:859f3bd7-171c-55de-9c32-199ab18c321a", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e008cb0-f6a2-54f4-a367-b3e33d698b1d", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:853768d7-8cb3-537c-ae69-384d2d059572", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29e74334-74f8-563a-b518-0c4e38758a05", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b89393b-f9a2-50ab-8c18-e3d2cb370f2a", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb3f4c4d-dbaf-5116-8ea3-3377ab22551d", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae6e00dd-4dd8-5cab-b78c-f6d06f06a2cd", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9852900-4698-520b-b8a2-52526a0fb7ae", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb947b66-5e15-5025-824b-a476787b51b8", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:403bb3a2-fb74-586c-b498-0f751b949a05", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b97a17e-a202-5290-a207-66dbbf74227d", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:384de2ce-717a-5cc4-8a1e-b0d10f15e7a5", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1f49b250-d631-5a81-843f-1f20c232f074", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed8fff90-f36d-5b4a-8c6d-113556dc9998", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d70d2d15-1e1e-537b-96c5-b2510ada62eb", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@4.2.9.RELEASE-tuxcare.2" } ] }