{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6e9c1797-d17e-506d-951b-cee90b8bd742", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-undertow@2.7.16-tuxcare.2", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-undertow", "version": "2.7.16-tuxcare.2", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-undertow@2.7.16-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:eb27d9df-3837-5c60-98e3-c27c5f4f4a5c", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-undertow." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-undertow@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1946326e-413c-5c1c-afd4-c0d0150af784", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-undertow." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-undertow@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a171819-b084-5262-beb2-8c901d6c7011", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-undertow." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-undertow@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35143f0a-50c7-5d65-9707-88d78fba3622", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-undertow." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-undertow@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0dc49e74-0c38-5a09-b988-a7f0192c7b18", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-undertow." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-undertow@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1be759c6-21ac-5f86-b45a-6e2d21db7c78", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-undertow." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-undertow@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:576bbdcd-1e19-502c-bba3-b849df19bc35", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-undertow." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-undertow@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8d901bb-151f-5761-a67b-2210132826ca", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-undertow." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-undertow@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b5e14ac-cacf-576c-9781-fe338429abf5", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-undertow." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-undertow@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6cb90d9-e271-5a14-bdf0-c1d52a51063c", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-undertow." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-undertow@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09b61a8c-e3d2-5f3a-a0f6-94f13ba7f3f1", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-undertow." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-undertow@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1dc33818-d1be-5501-a7b1-166b9cd81c85", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-undertow." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-undertow@2.7.16-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-undertow@2.7.16-tuxcare.2" } ] }