{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a130c7fb-20ca-5c89-8913-0ff76f5d6a06", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.16-tuxcare.3", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-data-jdbc", "version": "2.7.16-tuxcare.3", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.16-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9bcc98ce-0d95-5cc1-8319-738b47dbe8c0", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0bd5d5c9-6588-5b00-9979-3cf2fd9f42b8", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c4ba122d-7350-5987-9a83-42baa2b2daff", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:978476da-748e-5cc5-b417-f0a4df743d5d", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54ff0bd9-367c-50f5-a644-00e7e4c84aca", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e043f00c-7ab5-5526-8006-c0fb2502ecb7", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e7862e0-2f5d-569d-a049-6963a72cbdaa", "id": "CVE-2026-40973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:651a08a7-8700-5e50-a82b-43c549d514d0", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1df0f175-5eb4-5ab2-89e4-6a8d274c7cd0", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:730adda5-d45b-5e44-bd03-08317c43733a", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b0460af-fb60-5ace-9178-4ea549bd85aa", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c485289-8da1-53af-925f-bfb487073574", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.16-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.16-tuxcare.3" } ] }