{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:70df2472-27c5-552f-bb92-a24fa0a1d59f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-websocket", "version": "6.0.23-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e93b909b-42dd-54a9-836e-fc8f7bb7ac0f", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a92d1a6d-3b42-5356-b67d-5fa744bb7213", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a002e3a2-ca63-5b7e-bae8-08591ec0cf05", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:577be103-d150-5cd7-b4f0-af1aba8b44f1", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:68e85a49-797f-5080-bc0c-97b006aa79bd", "id": "CVE-2025-41234", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6199586e-fd8a-50a5-9d1e-14398bdfc7bd", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b330ba51-2b95-54bd-9f47-4ab67e9a8f80", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f9e1afaa-6970-51df-b899-7f97a43f659a", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4625b2e-0328-592c-9cc2-50e86cbf6844", "id": "CVE-2026-22735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d9b4eb7-42d9-5b3f-b73b-f6e138ffb455", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af8d592f-1b6e-5146-89dc-f90dcfe81cf5", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d07c576-c847-55d4-9eea-663de63aacd2", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c32c092d-fc71-5d27-8ca6-844260011c56", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 6.0.23-tuxcare.3 of org.springframework:spring-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-websocket@6.0.23-tuxcare.3" } ] }