{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0e9d8eda-6634-546f-8c28-758eabf1f382", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-websocket", "version": "5.3.31-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7f23db55-b2f6-5396-9951-552e42e13858", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:95276e20-e271-5b5d-a43f-758cc0b93023", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:15cb7abd-f401-57d2-b619-d3129bd0fc27", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a88f6b72-f18d-5a3d-8ab6-9e71403ae4ab", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:103387c8-8745-5bb7-813b-8ec5a228d9b9", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a379fe28-fbaa-51e7-97ce-5047cccfe9ed", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:182ff7c5-8eb1-55f6-81bd-d121246609a5", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:47be4221-a4d6-5b7e-87a9-2d73cb8f3c8b", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5240b0e8-7bfa-52d2-b744-52d55d57e056", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ece04f3-94e0-5e67-821e-9f05edb01e5d", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20807de0-566e-583c-80b8-8294e47c91d5", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ec6dba74-b542-5cad-bb84-b0f33d2b1e39", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-websocket 5.3.31-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dcd012e9-aa99-5095-ac8b-bf21b104c3ca", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf02d1b5-fbe9-5f73-8655-f0ba04b2888c", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c151bf65-584b-57dd-ad3f-0384ae3a5fc7", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29da932b-cc3e-5b49-bed2-029c9cf63cf5", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e7eb5079-a2f7-5c1b-a7d1-a268c3936c21", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b191864d-d210-52c0-a71d-7379311da53c", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52fd9ce5-29ff-5147-9f69-d76e3a865151", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a2f4ee7-1a5c-59fb-82ff-3043e076d8a3", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.31-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.31-tuxcare.3" } ] }