{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:84d960b0-48b4-5f9e-902f-0dc1a585aa34", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.4", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-reactor-netty", "version": "2.7.16-tuxcare.4", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:11c3db0e-d3dc-51e6-bb6f-a3b3439c3178", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b1d2cef4-8d2f-54ea-a857-a9e10d38d4b7", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:266d0dda-a95a-52c3-9e82-1abc6ad8c2c2", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3bac4266-fe91-524d-9fd9-ce1e23db0670", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:409e10dc-0c9f-5d63-8660-033c4d3a27db", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c94c0fa-2c94-5173-98c1-7305409df62e", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d991aeb8-fcd2-5449-b788-9cc3b9648bca", "id": "CVE-2026-40973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dca4af8a-89f7-54b9-8bbd-f772ed0e7e12", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c8cc3166-450e-5ae9-b21f-84e15fcd7361", "id": "CVE-2026-40975", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8c26ca62-6f4c-5460-bd01-89fbac858c7c", "id": "CVE-2026-40977", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cbcee62d-cb83-51d4-af88-7cc5db1cc9ab", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1753bfff-979b-5f79-a4c2-b6a177ac526a", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.4" } ] }