{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:d9c985c0-f8c8-5b24-9b6c-9b4a754673cf",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-websocket",
      "version": "5.3.31-tuxcare.2",
      "purl": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:77849447-d80e-5270-a016-7aebc1be2e29",
      "id": "CVE-2016-1000027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b483c22f-7e30-5292-be04-bd95b6fdb11f",
      "id": "CVE-2024-22243",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:503a5e11-fcc7-512f-b9f7-3a6a4f0714fa",
      "id": "CVE-2024-22259",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f19be434-d681-5712-ab82-35248651fa05",
      "id": "CVE-2024-22262",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ad9bab47-d363-5ff4-9042-9a391198332d",
      "id": "CVE-2024-38808",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e4aa40c9-7d0d-5fe4-9dac-f8000a2ee0c8",
      "id": "CVE-2024-38809",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:65ddb7ba-e744-59f1-8a79-866b64c1b86b",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:07b3104c-2dbd-5a2f-a600-343f19a8d4b2",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f1fcf0eb-a644-5c8f-89fb-ed4af4c68197",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e0ae43e8-6374-56c4-84bd-f1e9ad84199a",
      "id": "CVE-2024-38828",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1e6c6421-bb73-5d54-b3ce-1b0af71401b2",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f85da29b-984b-5c84-9f9f-ec59a50673ea",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-websocket 5.3.31-tuxcare.2."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d4f35115-3955-5fc1-9387-bb5e8b5af1cf",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b0f2171f-1299-55a3-aca9-5a46d7b278ef",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:79b4c742-f35f-5358-b3be-77b11e754f92",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e4d46049-5eeb-59bb-86ac-373c19a68368",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22735 affects version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a3d8f85f-5859-5be9-9cb8-9e405b529a53",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22737 affects version 5.3.31-tuxcare.2 of org.springframework:spring-websocket."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.2"
    }
  ]
}