{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a493d8ee-ac3a-588f-916e-5e2670cc0b73", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.3", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-devtools", "version": "2.6.15-tuxcare.3", "purl": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5c591ac4-db32-57d0-be1b-ca30b6861055", "id": "CVE-2023-34055", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34055 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a6546de-7a47-5e83-9d9b-6be5db7f2d93", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:363b195c-04dc-5def-a89f-0d74d91a8221", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5b7193c-387a-54ea-91f8-7555f974cf5a", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b610914e-35ff-58e1-8fc3-28ae46d0e05d", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b57c57b0-0d8b-5cd4-9892-6bd4285bcdf1", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9dbba096-8e13-5fcc-ae7a-ad8296c91672", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a11bdf6b-b0af-55b1-8f1e-bffaba3f095e", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:467626b1-4c4b-57d7-be56-cd62651cf11c", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.3" } ] }