{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d0e9febb-ed06-5158-a65c-86b8a729ac04", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5", "type": "library", "group": "org.springframework", "name": "spring-websocket", "version": "5.3.37-tuxcare.5", "purl": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5370c088-340e-543c-9349-1ca94f4ca901", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9d904917-7fb9-5c90-9ed8-225176501061", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:74f46e60-9451-56cf-970b-b6dd09731e7a", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:560eff9c-f790-51e1-bc02-546c517637b8", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6d6d5b50-2592-5601-aed8-b591cfa5ea36", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:345381c1-46a2-5b74-8231-72762da9d5a6", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:670b134f-3c32-5bdc-924c-785a3383be97", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c9a36eb5-d126-562e-bf95-edfc6a12c308", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ee4b7f33-ecb9-5a45-95b3-e84a2e54f291", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:117d009c-ba41-5923-a746-ce55435b3d0c", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8ea18e0d-3478-5bc6-895c-fac428a9ecc7", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:21490e5a-a09b-5690-87d8-d2cd1c7d6388", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:28872eeb-ea31-554e-8939-60539667ce2c", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7d919e42-2421-5ded-a850-8c02e9fcb834", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9199d011-30f1-55ba-a636-5858f41bd514", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df9eb4b3-dabb-5b79-a6b9-aefff237ab1b", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.3.37-tuxcare.5 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.37-tuxcare.5" } ] }