{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b9f8ec85-0e83-5dd5-8595-13fdd3c8abb8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.2", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-rsocket", "version": "2.7.16-tuxcare.2", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fd8f7766-a244-58e9-a4a0-dd2fce367fed", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96f9a744-60f1-505a-b535-3796b4d0ffd6", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0cb56d9b-cef7-58c6-8a2b-977d8d9627f8", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:215bc721-dbd2-56fc-8e14-682a91e5ac32", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be337dba-3c65-5138-b674-7970c441bdff", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57fd10a8-e7b3-5722-8711-ed82e9698ecf", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9845bc60-cfb1-5f1d-8af7-63377cc7cfc7", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e212fb29-051b-5341-9e3a-c3763056d226", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:831edc71-2e12-584f-8110-7ecd73f0511d", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7742d7c7-c6b8-5790-985a-e5a128f7aac4", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b777832-670d-5086-877e-06c5c88cee69", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba5e53a5-d6f6-53e0-b42a-e34b4cc0e61e", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.2" } ] }