{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d400ff0d-2901-55da-874c-cc7e9490611c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4", "type": "library", "group": "org.springframework", "name": "spring-websocket", "version": "6.0.23-tuxcare.4", "purl": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:927e9f10-b64d-572a-9b19-f1b5a1053ab9", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.4 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:417c1023-a1ed-5ed6-93ef-14f6394f827b", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2cbc8dad-a5ed-5f49-9ac4-1a953aad5be8", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c748f1d7-e5aa-5178-9840-8f3f39b0228f", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7ae3cdca-a065-578d-a26e-e6bc10568ed8", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2e4eafd6-3c1d-55ef-bec7-d763bd157de3", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.4 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4e4995ac-cbbc-50a6-aaad-afc453552eba", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.4 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac155e3c-358e-514c-abe8-9d5308aba7a8", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.4 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7463c369-6df7-51a0-8dc1-3d0dfabb643a", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:065fd378-2035-5c68-8bcf-c2a4a0f0a02c", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.4 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:56685b0f-a4ec-5e98-af13-4a8e07e48a97", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b13959eb-b733-5d64-9ad9-5d634c129119", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1f057d22-0d2b-5518-abc3-a8535be654a0", "id": "CVE-2026-22745", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22745 is fixed in version 6.0.23-tuxcare.4 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.4" } ] }