{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:58f5d17f-dbaf-5d07-b059-379ae99e24b6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "5.2.0.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2aa255b5-6a8f-5ece-90c8-1115c543d8a1", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b2f4f5b-b773-5853-b3e6-1b520f94b5f0", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bd97f9c-4c48-5fcc-a1d7-2f0ae9911a33", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5802d889-f3ac-5ee0-9982-277b34a83f45", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9babc5f9-a40e-5d71-9027-3142d977610b", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:343da517-eccb-5c35-9d1a-b4836c2beeb7", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bf9d09e-df0f-59b5-9f23-b4c31f02323d", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c774447-dbc8-522b-b5d6-799b6a99028c", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a154084c-723e-54e4-a0aa-b4c629b61562", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84e72f18-8566-59a3-80d4-f0ab097faf0a", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2816f885-7005-5714-8abb-813fbf7f9ee8", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:766bd15c-493e-5b41-976a-1eaf648f69c1", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae988da0-3b08-5caf-b03a-855f47b17c67", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:82fe8d57-9b16-5e3a-9069-3da663835bb1", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca82423b-279a-5388-9787-5666374c6a7f", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce158aef-1313-57d4-83a6-edd6efc9cba1", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a06c6ca1-fa36-5302-92b8-9b39f05d34ce", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33d92c87-6ea3-5b02-b0f0-f63c297112e0", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9053cf9-c0c7-57c2-847c-1ad67476ef2b", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-messaging 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f0c5cd3-d47e-54c9-b65f-b887eae08748", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:032f67c8-21a4-52e2-8d7c-a5c25eb39d8e", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06653b5f-f591-5e51-b965-770c8bf54c06", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db9dd4d9-7a9f-58d1-95f1-fae356c611ca", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9929f685-a6ec-5ba7-bb4a-ed1213950cb5", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-messaging 5.2.0.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:912db08b-15c0-5d32-a227-335f00c6e2b3", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2df9c65f-3f6c-56d1-9d59-5d8019a18245", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a639ac78-4210-55e8-9422-a99becf24bde", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c5e3941-1095-5156-8e33-136d328eac92", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b175ad17-3f11-50c6-91d2-7ca34e797646", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df546567-ace1-5456-ac06-4980de5e0095", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:68cf1c47-df76-5035-bf65-ae7544a2e5b5", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8938c7ac-d16d-5db1-8999-9d8923727e81", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:108792c3-4412-58df-94d6-d18457dd194a", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3178be9-6314-583f-be54-b03fba9fa348", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bdec3491-0ad4-5aa4-ba61-d11b7a5c3ca0", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34b6e366-cd64-5867-ab70-d1292c178f1a", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97a8ceef-6cff-5375-82f8-46b2d71de3d3", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd6d59ac-f923-53b2-9cc5-0a3e75ffaa27", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:799fab21-266c-5fc9-a994-913ad56e407e", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2bba197d-c49a-5db8-b8be-9364121142f1", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c54fa217-82d5-55ad-a023-1088d25a8f83", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08f9e0d8-fd92-50b6-86f7-a0012dd6e1a4", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e172cea9-0174-5434-9e4b-73336978ef91", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:609cf5fd-4577-592b-8c1c-3a8733d9f1ef", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22a66a6b-db71-5f9a-8b27-0f45c8275fcb", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.2.0.RELEASE-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.2" } ] }