{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:595dd2fa-4fbd-5ac4-9890-2a6dd3860db7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-r2dbc@2.7.16-tuxcare.2", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-data-r2dbc", "version": "2.7.16-tuxcare.2", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-r2dbc@2.7.16-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1c62bb1e-63be-5750-bbca-eaa899b070fa", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-r2dbc@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7028fb79-16c1-5cb2-b503-3780560563a7", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-r2dbc@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1814bd9-b287-5b4b-ad09-d042dd7d490d", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-r2dbc@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d66fa2c4-cf8a-56e3-9785-e36a22a68ddd", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-r2dbc@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53a97e3e-fa74-5ade-898f-8fa8c64d247b", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-r2dbc@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7a52ce0-f6a6-5a96-b653-f3c9afd6da80", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-r2dbc@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5216bcd8-88ce-505b-96af-d1543879224e", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-r2dbc@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65856084-46c4-5b21-ac50-2455234bb941", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-r2dbc@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88d57294-818a-5c82-a2b9-b9572a4ce095", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-r2dbc@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04580235-e375-5eba-acd3-9b4ecf7f1290", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-r2dbc@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13032081-1b90-581f-ace6-53a4bef3dddc", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-r2dbc@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4e3cf57-f3ea-5091-a003-f8652e76b3ad", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-r2dbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-r2dbc@2.7.16-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-r2dbc@2.7.16-tuxcare.2" } ] }