{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:43bec2af-eaff-5200-b7c9-e4f5f8665cf8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-websocket", "version": "5.3.25-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:14f0ba8e-308b-5290-8dba-9267ef962c3b", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0a32d8f-21e3-5a3c-a6c8-b28fc0149dec", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c466f3bb-15f4-54b3-8f8f-ed2c78e95734", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1271aa0-9900-59a8-a4fb-38b5ccabb4d5", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f59a1332-e49c-5be0-92db-6693f2839f01", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3dd5a52b-5e4c-5d80-8123-63e9308c40a2", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:07d2ae9c-d0c6-51d1-9d63-f449fe262021", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f93fcf4f-4f8a-503f-aff1-237e9dfa6b73", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9731367-1ef5-5e34-846f-2b284ea0d602", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0bdfc287-401a-53a4-aa9b-3419d1e2092c", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5808ae17-4ab5-5b6b-8b60-395187ab5697", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3883f063-56c2-50f2-a19c-09f0ddf09b42", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5283d357-9ff6-5fc2-b0a4-9d4675778188", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5bc64877-b381-5db9-8a47-ebcff5fcf170", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:830858d2-3db4-5e0e-bb2c-c8e9f88730a1", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec160beb-6e89-50c0-bab6-9c88c9ea7d17", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db80ec59-b1f6-5729-a2e8-7ea3fc7f0786", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b9a8610-3372-5ba2-b9a9-772875c40e53", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da001afc-3fdc-58c8-bc73-8b122ce037d8", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a9e30ca-68e8-5551-abf6-b3a692e9aba1", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78444933-79cc-5521-b849-57b21145de56", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00bb08c8-9254-5379-94c3-f2da770b5d8b", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.1" } ] }