{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c0784b1b-9b7b-5d91-9a38-75fc7d90217f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-websocket", "version": "4.2.9.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3fff5c7c-a27c-5b83-ae27-b03832747c6a", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e44be7b-2f20-57c1-8f26-9ec6f69e45be", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:069d5e1e-0566-5513-ac12-b09fb0d86dcb", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e53676d3-6b7c-5963-b611-647081fe0068", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0d7a414-84a2-53b3-9eae-6211aa692c11", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e0126a9-af55-599f-ba97-8b38869981f8", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e3c1e38-9f7b-5c0b-8ced-dd11d3646d1d", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7c2d89d-b8fd-56a0-af7d-bbeb8562b068", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c7d3fc5-4087-51ff-af74-faa6a965b970", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab881548-b8ca-53b0-b3b9-41063275eb49", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1c3aed3-b666-5e35-82c0-ab52b823e11d", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81c16d3b-efac-5108-8a26-0bcb47a1ce2d", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae2f5f72-721f-5cea-9f6b-8014f9d3ba3f", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1af5ccaf-5e38-5c11-a8c7-a6e0a483320a", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e528127-e58c-542e-8946-126585ea8186", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3b7a08a-75f7-573d-9081-e3d1e7e9c48b", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5e026f1-9e73-51ce-993e-f54f38608b4a", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b143afc1-e29d-56ea-952e-ea44da28fdaa", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:486868e8-39b2-5f7e-9861-a469886a4cc1", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:662d6821-8b0b-50bd-a6f0-63fa13bdfb9d", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e146d2c-ab00-5eea-8be0-6fcb55949d69", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5df8f66e-285a-5f4c-9379-b43067df87ba", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70cf6031-85f5-55a7-9631-cf73b168e24e", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6615653d-5c51-575c-a25a-cd0cf6388db0", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1af4f088-f0c4-5350-a7d6-3904fe1d1d84", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f142b97-6d62-5de0-a47c-ed59a51c0433", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:122bceb9-9161-53db-abf9-b5f3cb3393a1", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc5032c0-0ede-5b97-96b1-b64b0df85cb8", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.1" } ] }