{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4c358e3b-a15d-5167-9eee-bb9e1452eb2a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-jms", "version": "5.1.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e341563d-3db1-547e-b68e-ec28c5d2c0dc", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:957073d6-bb82-5340-b50f-9c0ce3ad703d", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57300017-611c-5de6-b7ec-f05c471e5af0", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3cf4e219-9f10-5cc0-8181-ca41f57f3208", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93aac2a8-8e1a-5cc9-918d-bb38dbd974e5", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:efb61487-59fe-56af-9535-2dff246d6045", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95d815cd-16b3-58d0-aea9-9d49774ba5eb", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:738984b9-3f95-5c25-b5cc-7b5017dd9ab1", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95ea98f9-199f-5a4e-bbac-85e6541a6698", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:461040e1-a212-556c-8b17-50f018d8bdc1", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3bc8749e-c947-5434-9045-5509e3ac0e55", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ded1d64-5b45-5e16-8905-3190aa4285ea", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79799dad-da24-54cc-a4d2-ed8ca544724f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28ca8c2c-70cc-56f9-b8a3-9d07fac56937", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d82baa7-6b60-53ee-ac61-527227d8ce76", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b0d8792-f5bf-5ca0-9f65-966eb8ba042a", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3bd63d22-75a8-534c-b25c-731d4644526c", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-jms 5.1.5.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:877d806b-da26-55ca-8d39-025073207d1d", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfa5aacb-382b-5514-85e4-fe0c69a2ff95", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0365dbcc-46b9-59f0-aeb2-ef36006a2450", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00358680-703f-5126-a92f-1745a9703064", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a959969-e137-5988-9b9d-febbde0b7f8b", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7f76806-95ad-5095-b375-7e2f9e49faa8", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3f96fc4-1ac5-544a-abec-ef876af3f77d", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93eddc12-53b1-5001-a8c5-2fdeca9058ee", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d083bacf-3241-5f4b-b581-9aa4636f05e7", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6bcbbb6-aaff-58e2-acc7-79a5d4f05994", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3579e646-aa4f-55b5-bd8b-03c7473f5bd8", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dab4d049-8c4e-51f2-b618-d00e19fa96a0", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8efda056-3007-5280-81fc-191d8a5b6603", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2272ef66-7650-51cf-95c0-60317414dc99", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c692afb-6fea-5b20-9279-8afd636a97bf", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f844c88-502d-5552-8f8d-87a6ea955cb2", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca8356f5-d54e-5338-8dcf-7e9fe10f4cbd", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:228d75fc-2477-59b4-a672-b353dfb86622", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:154ea10a-d13c-5013-8862-6f27251f0f13", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17c9c3c9-af94-5f86-9989-410fab1eb80e", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d268ef5-a3fb-5a35-80a3-a88da5a48b1b", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:caae355d-6c01-5ef3-bac1-ab1992cc656d", "id": "CVE-2026-41847", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41847 does not affect version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms. not_affected \u2014 Spring Framework version 5.1.5.RELEASE-tuxcare.2 is NOT affected by CVE-2026-41847. The vulnerability exists in the Kotlin Router DSL filter function, which does not exist in version 5.1.5. The filter function was introduced in version 5.2.17+ (September 2021), after this version was released." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b76ed106-5714-53e8-a6b5-1ed918827d49", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f05f980f-7ef3-5fbd-a1bc-d8ed2f96dd48", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e71645c4-bd52-582e-9c63-8072396a94a4", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0582e51c-eb0e-5744-97bb-006c9bb99ba9", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2251f6ba-bf7b-59a9-a96b-2845f1bcc037", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8baf7cce-7ce0-5dcb-bb12-f096542b5115", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f49891e1-9320-5ae0-a083-e198678e4c8b", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.1.5.RELEASE-tuxcare.2 of org.springframework:spring-jms." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-jms@5.1.5.RELEASE-tuxcare.2" } ] }