{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8a7d468f-7d42-57ea-b5d1-d61d2beed3da", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.16-tuxcare.2", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-mail", "version": "2.7.16-tuxcare.2", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.16-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b0cee25d-2978-5aa3-86ea-b07bc29448e3", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91c0cba0-d3c2-5692-9e0c-d9356468efb6", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:acd1ee4f-8969-5bc4-a590-fd043eae6b82", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:563c1552-b4fe-54ad-b4bb-276bde04c45e", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb12c58a-0a05-55e0-9b38-71a988ae606f", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80b3c2fb-d9bb-56c7-8cf1-7276ebaa0310", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7986a64-971b-545f-bfdb-d5e0a9663e69", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4851f69-d6ba-539e-945d-b4dbd5e87156", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8326c266-526d-551f-9ba0-01ffc65439a1", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:849116c2-5d90-542d-ac43-fdf46988756c", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08de2f7e-c9aa-5bce-a76c-eca89a18b406", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63e707a5-6501-5636-a5e9-e18f76d1ea85", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.16-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.16-tuxcare.2" } ] }