{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a84f5033-54a3-5537-9c93-7f5d14d686dd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@2.7.16-tuxcare.3", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-thymeleaf", "version": "2.7.16-tuxcare.3", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@2.7.16-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:61d8b1d2-bea7-512d-9292-70193af50910", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-thymeleaf." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:45369978-aa44-52b4-8364-07ecb84cf023", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-thymeleaf." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4fc525ce-91fd-504a-a88f-78845270e398", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-thymeleaf." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:604487ca-ecae-5efd-b429-edca37e2b15c", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-thymeleaf." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf7c81ac-aeae-50eb-92c7-763c92694bda", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-thymeleaf." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:993efacf-e188-5ad3-ac47-c6a4d92896dc", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-thymeleaf." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d031483f-f8b5-500a-9d6b-974f527c4ee6", "id": "CVE-2026-40973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-thymeleaf." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d8e99f0-9dfa-5601-8af8-4e4e570bd1ff", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-thymeleaf." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:21a25736-0e2a-5eed-93a7-022cfe214a09", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-thymeleaf." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72982255-fb69-5f6a-8afd-38d22a9d1c8d", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-thymeleaf." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3bfa5eb6-7fb6-5de7-baaf-7081e4b31cb0", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-thymeleaf." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:93855884-f307-5c61-95c8-eea5edfca866", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-thymeleaf." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@2.7.16-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-thymeleaf@2.7.16-tuxcare.3" } ] }