{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ee1a8b97-727c-5735-b680-df422e093d97", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.16-tuxcare.2", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-loader-tools", "version": "2.7.16-tuxcare.2", "purl": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.16-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:605d0247-530f-5d02-90a7-af24fdecb04a", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d668317c-2d54-504b-ae7e-d0a211d81c96", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:952a99af-59a1-505f-ad53-f0cedf01b2ff", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0c593f4-aa54-516c-a297-ae8346716a40", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85543c57-2e0a-5bbe-a696-ed9f0d6031c4", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a8f9004-02c4-5fd9-83ad-a0c985909eec", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3079e31-4e6c-5871-970f-2d8e748971ec", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:488556b8-fb8e-543b-9bc9-34f25a500594", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b35dae8a-71a7-5e45-a0b8-c5b3af32c4f2", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6bbb9bac-50ba-5c18-bff1-6ab7c9d849aa", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e1790af-2956-5d01-ba10-d813f85dd624", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c18d432-22b8-550c-b62c-1fb443eb8e9e", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.16-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.16-tuxcare.2" } ] }