{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f847357e-8e6e-5d22-9652-1f292281b52b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.4", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-rsocket", "version": "2.7.16-tuxcare.4", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6e6d20eb-eaef-5d5a-bbc7-09faf21dcac0", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eb935210-3cef-5004-a068-c40d47f04c76", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6fa71648-d8f1-57a8-87eb-dee4c534f6de", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f560b180-66c2-509b-bf12-613d20ed67b7", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fdb671d3-3df9-5bae-ae7a-b7b7f55587ec", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a1dae74a-4ecc-50d7-8f7b-958d7190b391", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4bc89ee4-3074-5283-b043-5620ece0b067", "id": "CVE-2026-40973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff548a91-9cee-5bd5-a208-2a81b2ec8b56", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:82fb5103-ac5c-5b10-a4e9-16f1ea41ebee", "id": "CVE-2026-40975", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c6e2f6d0-1cbc-5517-85c2-8d89fba52941", "id": "CVE-2026-40977", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6c84538d-a515-58dc-aa91-2dcd9ee7f844", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0466a2a-0cb1-5706-9168-13491e3e3f50", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.7.16-tuxcare.4" } ] }