{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:25574cbf-182a-5adb-9392-6c32a1d7e6e7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-websocket", "version": "4.1.7.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d44bf051-0143-5ac1-a634-49c73ae2672d", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d89fbac-f940-53d1-982e-e692d64b87df", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dac6a842-76a2-5370-8e5d-9e2c84bf4392", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8deeb3ba-ab23-5eff-94f4-8a96b799a02f", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79a6ad5b-8fff-5edc-93a9-7cb659883cb7", "id": "CVE-2018-11040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11040 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28f33e13-bd3f-5618-84f0-1bfd62ee2424", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:753bde34-4bc4-53e0-ac60-f78ba9717850", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:547a1f3f-18d5-50f0-866b-f47deff281a6", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17478def-516c-5488-bdd2-2cb204888295", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49a026f0-821a-554f-ad5e-eb6081a16275", "id": "CVE-2018-1275", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1275 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6052400-a1ad-5410-823c-19caf6fb6550", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a1cd3af-ccc3-5663-8e14-eb5bc168f947", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a202ccdf-6539-5844-b249-64e617fb07b6", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0b782f0-91d3-5e92-b84c-b753847e3392", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83564a33-1580-5954-a1d7-b5a79ed600b6", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6de81b9-e037-5491-8ac3-b375a6e4c1c3", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e299e50c-eff5-5cb0-99e8-ed2ec83cea2a", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7556eee6-e779-5866-aeae-dd8875f1bf44", "id": "CVE-2022-22971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22971 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:695d9e25-0050-57aa-bc66-54e0deb32214", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4cb9da41-8b41-5cb7-a1a8-0795d30da6b3", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe294dcf-6c8e-597f-a176-22e245b432fc", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ad70681-bf7d-5eb6-bcdd-a4805c0826b5", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5356978-3e7e-5b6a-b523-f9ab331b4e93", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f65643c8-cd43-5c2c-9fe7-fe2156e15f38", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4bb2c11-69b3-563f-a6d1-87812a931a95", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7808c5d-f683-5c8d-afbf-26a6a922280c", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44e25db7-337d-515c-bafc-4a1ccb3b3c4f", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c842078f-4052-5b03-9af9-779faea18a8e", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0557de46-2a8c-5b65-b818-edfd5015e0be", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.1.7.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.1.7.RELEASE-tuxcare.2" } ] }