{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3892d8d2-cdc3-52a3-bc5b-7872247542aa", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-websocket", "version": "4.1.7.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1d038e41-0e1e-5ef8-a417-4a02eec06405", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:969175d2-c9fe-5cb0-baaa-10d2aaa7eb68", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7cf5e0b-f542-51d2-9a84-b57e0d8c1b1b", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:755fcac6-bcb8-5b8c-8264-83eb4c396db2", "id": "CVE-2018-11039", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11039 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b02168b2-efb6-54cf-b3a7-7fe47b895324", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3dac6b01-2623-5a11-8a0d-3c683d7e530f", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:947f3cea-8d33-597d-8fae-b9c1b9af62c8", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:039c77e7-7e2e-5fec-bd2f-eef137be5fae", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1560d00-6f01-5f77-937c-0ceec9ad7b8b", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5d570e6-4087-5ac2-914c-5e825a3bba9e", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf013af4-0747-5d2c-b2be-10f4be257b62", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb09ece0-e005-5919-baa2-2721de672dd0", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12b1f8d8-f20a-56fa-b478-50a180af6d6c", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92cee9b2-9af5-5138-a270-372f636868cc", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80c85d80-a0b7-5e19-8ad7-99ebf0504905", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b65eb36-8c17-5d57-bfdc-3480fc9848a7", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31933411-cc17-547b-9d0a-ac8b1f2a6c7e", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8688bd8-381d-5d2d-9934-fbd80d17a678", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fbb0f47-8cc1-51ad-843f-21da93af6daa", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aee2a71b-6896-5f56-836b-5964405ef354", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f504966-38a8-5028-9be7-16ea56ea463a", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dcba094d-a8a3-5349-b7ac-62b503600e34", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1d1b264-ddce-5dd0-ac0f-3ec158eb7bed", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5099209-c388-586c-bbd6-9c1012ef8b80", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75eb0dd9-0a08-5a51-8db4-9ee230a22418", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d2f7968-1a28-563f-9e35-9930a6de0d8a", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1df569f7-77f1-5c3a-a179-1d2eb32a785e", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bdfb0603-75b4-50cd-b86d-dd3cd1d91ca4", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:694fa42f-28af-56e9-a57a-2b589e899127", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.1 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.1" } ] }