{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dc5d174e-1db1-5676-ac6e-1e5e51c92284", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@2.7.16-tuxcare.3", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-oauth2-client", "version": "2.7.16-tuxcare.3", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@2.7.16-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:58808ee7-5b0d-5627-88e3-15383bbb06cf", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ac63bce-310c-595f-abf9-4d605a0d5b69", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:53d0f058-1403-5d79-82ea-bd8ad8273a99", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:57137c1b-5a8f-5905-b1b8-e4ca8a73b76d", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c21349af-e93b-5614-8882-f744252462f9", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3e5c8e09-1802-55ef-9d13-0b0199674240", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:94c3f627-020b-5601-bedd-113caa9561a9", "id": "CVE-2026-40973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:40d19cb4-8c40-53f9-8bb5-3e9ae3dca712", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5df99bd8-0fec-567b-98a0-77a578cb69d4", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c36f6a31-06a5-58d7-b221-c254d0780ff3", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b93befe5-401f-5e20-8004-673ddae7fe4b", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0a7ad3e-bcc5-57da-ab08-cfce546667dc", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-oauth2-client." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@2.7.16-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@2.7.16-tuxcare.3" } ] }