{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:22ca23fa-c1cf-56a6-8b32-7be44cbcd4a0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.7.16-tuxcare.4", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-jdbc", "version": "2.7.16-tuxcare.4", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.7.16-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:77455a4c-c10a-5bae-8fe9-f4a2889a96bd", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:70b5bbdd-465d-5a4d-835e-7b1f04c7d9df", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:054d3679-b895-5764-bc1c-d83a4f70f361", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:95b55d11-0e4e-5cb4-819f-979df8e41aef", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:299d2af9-b794-54d3-a46a-e4973b8d6605", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:64f6766f-6fb7-57e3-bd4f-c57caef0cead", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a2caeaf-ace9-5894-8d2a-fae9b09b4c91", "id": "CVE-2026-40973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:681d35b0-a6d7-5b02-9898-81c8aa1b7b0f", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0c94f42a-859e-583a-ac67-487023cd2062", "id": "CVE-2026-40975", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b9e3579c-7029-5ceb-8ab7-e2aee7aa9b6b", "id": "CVE-2026-40977", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e9ece98-1341-5542-8607-35e3513944a3", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6689ed2a-2900-5f8c-99a2-cb4a08d9eb66", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.7.16-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.7.16-tuxcare.4" } ] }