{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:66aeaee2-8c6a-5f78-8aac-c3f84f451f6f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-websocket", "version": "4.2.9.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fcbfc09e-2957-5272-9863-2b3e95cca9da", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2298cb0-ccf1-573d-9402-8f31eee7cf9c", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2361ab17-e76c-5820-8c58-3181f9fccfeb", "id": "CVE-2018-1257", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1257 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c5e972a-7023-582a-a229-6ca12a7ca804", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b841d7d8-cc80-5538-b0e4-3401150e17bd", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1456c7e8-e2e3-566e-8d8d-813ed5d564e1", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85f91695-5604-5e2b-8faa-b5eb43653c15", "id": "CVE-2018-1275", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1275 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:722d15bc-8fd5-5524-810a-e91cb25d8e08", "id": "CVE-2018-15756", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-15756 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:859a7651-bbc8-5587-a309-dbcfcb51bb5f", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93641070-4a80-534f-b6ee-87930cbe0c44", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48e956b9-6d93-5128-8cfe-25b68c7d4cd1", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a082c97f-69f5-5767-81de-c69c5cfa11d8", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:637c37c9-73c2-5943-84bf-b3f39bfb0b74", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1948f8e6-dc0f-59b3-9f72-2cccc7b8af6d", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b4aca88-a46e-581c-8f02-6a21e1aa76fd", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1d8f705-f693-574e-a6ed-fb3f8f285e01", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c788c283-ae8c-5efd-9e85-7916c2330c17", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17b9f048-61ef-5e08-81b0-d4982dc2942b", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88dd4130-354a-52d3-a3cd-f892b1ccfb6d", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74b075d1-102e-5b45-a4d2-4a887bfea3af", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c78b93d-b121-5e76-8749-9bf9ac587815", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:442c8986-6182-503b-b43d-f8c44f896ac9", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:518409b0-108c-5656-947d-7b026ccf431e", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d35250f-b003-50f7-80ec-f221b7807435", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11d4eca8-4991-5f11-bfc3-9e9b737f2148", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47ad7fc3-5549-5542-bd58-e76edbc0a4ff", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19f911a9-9b7b-5c94-8924-0db9a69e9746", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80b5aa79-49c0-5065-b50c-57f7ad9071bf", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 4.2.9.RELEASE-tuxcare.2 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-websocket@4.2.9.RELEASE-tuxcare.2" } ] }