{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:02a7630c-898f-5def-8531-13d914adb1b0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-websocket", "version": "5.3.24-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:97c72318-317c-5e96-8c40-fc39c2d835dd", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23f5ee1d-013d-5300-98c5-c5a8d62d8d0b", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49197f16-5159-51ce-8840-5c0e5275f39b", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3dd5d69-b9f3-55d6-9e54-32e3d2246dc5", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33e4015f-c3cf-559b-b545-bdb29d4d1657", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d97de41a-9fc7-537c-9e9c-89703bbd6e81", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e78511e-25e5-5e86-9e71-a4b75a6163f6", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d72762f-86b5-5414-a24f-94df22825345", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7cf436b5-2c68-5934-a189-b33f22143b22", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:361717ba-e0f8-5ffd-851e-80bc956c20c0", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61150823-2dd5-522b-a15c-21d4c3c481d6", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63743597-92a0-5cfc-8f37-4e657b431484", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1bb06f8-16c4-5366-b4ff-a4464f206410", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d93c452c-ac95-58c8-b607-22c01a8f6f7a", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:373e37b4-4295-581d-b5f5-074aaee93e1c", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c23e3ff1-81c7-5ba0-932f-f793bd310064", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14282b17-2a28-5a3d-b1ab-a5c4de8e4eb1", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6aed6dc0-7712-5a19-894c-ed27ff2739d4", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4076677-3add-549c-b88a-50037d3bb1b4", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7de5dc3-73aa-5d1c-855c-986a8c586f2a", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6db89231-ad56-5114-99f0-510864e01f3c", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6cb132f0-444b-52cf-8c44-d51d5be497f7", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.24-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.24-tuxcare.2" } ] }