{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4a8dd490-fcc0-5fb8-bafa-f2081429e78d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.16-tuxcare.2", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-websocket", "version": "2.7.16-tuxcare.2", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.16-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:de6e1809-6dae-5189-bdbe-0e06f52d8230", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5491eabe-7c1e-5347-a7c9-d2b5c3fcdf16", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed3f62a3-e0ef-5f15-acfa-8bb927eb4bed", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e6a6d44-be24-5031-86cb-6f079f8d092d", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f071c13b-f1f3-5e5d-b01d-103714b29f21", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b2f28d4-4891-5352-baa2-d78279e98543", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74e56ad5-a708-5b82-b84d-f67dbae0c0db", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e055402c-c84c-5faa-b455-07df9b82c9a5", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7dd2ca94-5851-58a0-9327-159af034af40", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b8abd55-88d9-5822-9775-c6605cef1d45", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c57ea3f9-2185-5ca1-b14f-0acf24260e0b", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d790e21d-2c3e-58b8-a06e-ed01025ca5b2", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.16-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.16-tuxcare.2" } ] }