{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:85944f8c-a54f-5139-aecc-859b975e7416", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-websocket", "version": "5.3.7-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7ddb0442-1f9e-532f-a73e-6a20e14b7606", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15b7e6bb-054e-5805-941c-95e9e6acb241", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2493a327-558c-5b88-bdec-49a683014469", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:beb13517-e300-5dcb-ba47-84c00d93c21c", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee29240d-78cf-5b3b-bb9f-6bd073b10449", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbf46bdb-617f-5370-8cc5-068eb333751e", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a6630ed-4dc6-59eb-9f7d-48e4c28f7167", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ee7a394-958e-5893-8fff-eb656b197990", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5690cd05-0870-5c41-9f7e-e6fa147a74db", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbc530b2-cabc-57f9-8313-1f2377c4ea32", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ebc2046-5c3d-54ec-8c30-4c907179e107", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7ec8bef-d230-5796-a4fe-d47fc06ebd61", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78238980-f9a2-5595-85cd-f1e9c5bd2231", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:692e29b8-b0c2-5508-b678-7a8c53a50154", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27f16797-d934-5957-a2bf-fd734334946a", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6219d8f-7c0d-53b4-9cc6-17790ef51189", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0eb0181c-9516-51a8-abbd-91fb8d15355d", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34a77e89-b2cd-5ca0-a922-50aecb61aae8", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08458d0c-1fde-5a56-a2b2-9cbcf6b58f25", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44ed8ce9-de80-522c-8aac-970903a07b8d", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a22399a-ee82-59a7-944d-26dad2e133ca", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5553eaff-2cd1-56f0-86a0-fdc9758f22b5", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-websocket 5.3.7-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c151a9f7-5e6e-5ad8-b859-1848b5d86d36", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:56a09ef0-0540-5a20-8631-ec310bb2fad8", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04e91646-df75-527d-a017-63413dd873a8", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:740f3441-e2ab-5fa9-ac23-600d0371ae38", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6546c118-9244-59dc-b839-ceaaa9e51a43", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-websocket@5.3.7-tuxcare.2" } ] }