{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1cff01f1-fc15-5dd5-a895-b574363784f3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.5", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-reactor-netty", "version": "2.7.16-tuxcare.5", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2ae490bb-8920-5be4-b0a8-60d2c7e53990", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2ebee80d-edfc-5666-b30b-4278f9ea9b55", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:56902dde-8564-5721-a227-a1942b75de83", "id": "CVE-2024-38807", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38807 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b843e8b1-96d5-5d10-9ca5-7c1680485ff9", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3da124a4-5c20-5b69-a34b-d1962bfb7312", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:737ab33d-5f6f-5f41-a791-dcfa99e9eb13", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1952b511-5138-5561-8d41-112b52239eeb", "id": "CVE-2026-40973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9d2fd50c-919b-5d07-a225-2b554149d954", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b9089f8b-bac8-54b4-8f62-545638d1ec00", "id": "CVE-2026-40975", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:59d05093-afbd-5960-9dfa-7c1d23d05a63", "id": "CVE-2026-40977", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2964600a-619f-540d-a8fb-881106a2886d", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d52ce8f9-1af5-5181-a82b-4a5e7f19374e", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.7.16-tuxcare.5" } ] }