{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:94c359d4-72d9-577d-b3f5-d41c347fbd44", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-websocket", "version": "5.3.25-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:77b0eac8-b225-57e9-85a2-1cea7d423be9", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a621e339-a7eb-5dd1-888d-082d11045239", "id": "CVE-2023-20860", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20860 affects version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2cca957d-aa91-5101-9e35-066329223e71", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7981f4c3-d402-57ad-bec6-c27fe05274bd", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:181c063c-0658-50c9-8efd-c61288f79bf5", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8ca2e4e-7d97-52d7-a639-bdfa22a909ed", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e67f7fd7-6234-5381-920e-9b7af9f337ba", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f100850-b886-5cb6-afe3-47e25b77ffff", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2af90415-849c-50a9-adfb-b20d412244be", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51bc6f64-a534-5e42-99f4-7f4f047923c2", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44187d3c-55f2-5308-82f9-3e4c43bf3fa7", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d51ce70-4479-57b6-b2ef-7e1b4788aafb", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0dce4318-9de3-5b9a-895e-9b6015ab61e0", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ae4e4ae-2db5-5c79-a370-2ae8321f45ce", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e7f79ee-6676-5f49-91c3-d3d45850beae", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e972b45e-d7f8-54ae-bbe3-cd37e78dcc75", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed74f083-beaa-5794-af44-fb8204927515", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6fe10d0-62cf-5c0b-9457-95e1c785318b", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f6e963a-a6dd-57b2-9b58-0a999f071249", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4610cb9c-3881-5a55-b719-0743eb0258ec", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a872c101-21d3-564b-a08e-5f0a7fbb2c85", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b79b8fd-cbfd-5899-97ff-59bcbc099ccd", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.25-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.25-tuxcare.2" } ] }