{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:baf340e7-5925-5c3a-a91d-a557351b153e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.18.tuxcare.4", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-websocket", "version": "2.7.18.tuxcare.4", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.18.tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1ded35db-2252-52b8-a25f-82e3a5cc2dee", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.18.tuxcare.4 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.18.tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cd85fdb3-58e4-5cfb-afe9-318e4d542650", "id": "CVE-2024-38807", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38807 is fixed in version 2.7.18.tuxcare.4 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.18.tuxcare.4" } ] }, { "bom-ref": "urn:uuid:76ae03dd-76d0-5421-a78a-cad92c5946b8", "id": "CVE-2025-22235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22235 affects version 2.7.18.tuxcare.4 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.18.tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d5fbbeb-091d-54cd-b661-48c078fda816", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.7.18.tuxcare.4 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.18.tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bcbd6211-c168-5bbb-8b54-f6801b302b82", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.7.18.tuxcare.4 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.18.tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c6c4c606-2b51-5e06-81c9-311548866856", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.18.tuxcare.4 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.18.tuxcare.4" } ] }, { "bom-ref": "urn:uuid:05f9888d-7437-5b7c-a161-cf59a61d68a9", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.18.tuxcare.4 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.18.tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b21abd5-24bd-58b7-82be-18cda7d03ce5", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.18.tuxcare.4 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.18.tuxcare.4" } ] }, { "bom-ref": "urn:uuid:460bb3e5-b3c0-5a93-95e2-035c1e1bf501", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.18.tuxcare.4 of org.springframework.boot:spring-boot-starter-websocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.18.tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-websocket@2.7.18.tuxcare.4" } ] }