{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3b599985-5c44-5d2f-a584-caf24fba9f9a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.7.16-tuxcare.5", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-maven-plugin", "version": "2.7.16-tuxcare.5", "purl": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.7.16-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:da2cefd7-8d3e-5c3b-b7b0-2af348bce2c5", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9c2a740f-fe89-513f-bf66-9825264a6c38", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0d2d91f7-514b-56e9-b9a5-1d43111cf014", "id": "CVE-2024-38807", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38807 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ad6b1f54-1b6e-5e9c-8a24-085de0c63e8d", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6b9bfa14-3c5e-5087-a803-e2c36f53bd5f", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:979c4b6c-16db-5ef9-95c1-b7ea3b445a84", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:74642cad-299d-5819-9985-4fc2a85fda71", "id": "CVE-2026-40973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:264c5798-f39a-511f-97ed-dcb25fe2a196", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:91c22548-12f8-5390-9ce2-ee2b097925f9", "id": "CVE-2026-40975", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8e4a7964-3cb3-5f4e-9f80-aa997841d565", "id": "CVE-2026-40977", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8151a7d0-514f-56b0-9782-b6aaf3119781", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5dfc650b-abc4-59e0-bddf-f6d1e8053df7", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.7.16-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.7.16-tuxcare.5" } ] }