{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5db1fdee-a3d3-5f38-a0a2-81bec72e1b39", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-websocket", "version": "4.3.30.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:10f31108-2b36-5109-be5f-f8faffaea404", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1beeb1db-e2d6-52f8-b481-0e486605491a", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6873133-dce0-597e-a4e7-1aa6838251fd", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1275a5d-fb5c-5364-96ae-7e20d3d0653f", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2d66592-1a82-5e13-b9fd-7256180f3c06", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df346e8b-ef56-5cc2-9d34-d1efa6fa495b", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72415ad5-2a84-5c3f-a631-acd0cd621bf3", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9513f65a-7c18-518b-94a7-620b8119d055", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:852a0e78-062e-526d-be83-1b847ada1d2a", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0d9152f-2d9d-5366-8b53-932edbbe5863", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dbdce9b5-e144-5009-a899-0d75eae77792", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f5bc3e3-1b24-58fb-86f3-4c9c63785e5b", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ecbe8513-be46-53c2-b13b-31dfa8125aae", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a041ed3f-345b-551a-980d-4edd2c1b8dce", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b48d44c-d55f-5d42-b7f8-6df220c44a53", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:719dade7-6d33-588f-ade5-b5e82512be75", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2437e23d-213e-524a-8092-3a9be597c691", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17800d72-2cc7-51f5-9cf5-e43909bdee60", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e74e66e-a0f1-5494-b363-60455bddc0e6", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7aca9b91-7361-529f-b7ac-03c4d615661d", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c45931a7-1b8c-5aca-ab80-ee2d38061ec1", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23a74c52-951d-5f5b-85fa-a353fd5fb122", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59667f8b-f439-5967-8889-bac4e3fd7448", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:696bdd6d-2299-52aa-9f1a-f1a135277a7a", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7bee12ed-ac13-5479-bfcc-a390e39e449f", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 4.3.30.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.3.30.RELEASE-tuxcare.2" } ] }