{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1ce588b3-5597-5220-95aa-87f8d5e60521", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.4", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-devtools", "version": "2.6.15-tuxcare.4", "purl": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:46c1f215-da06-5171-9771-f24098dbb6a8", "id": "CVE-2023-34055", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34055 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8dee0137-17ec-567e-a77d-c1b8c3703d4a", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:01cedc20-6079-53ba-a111-46dedbe5f269", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d4186e9f-4541-5b94-acff-07dc7b8fa570", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3a7ab8b5-997e-56b8-b5ea-f92dbdfd3b86", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e319940d-f465-5703-9387-a4d8a409d47c", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bc67794a-5b6d-5470-b0a0-b714c0b9288a", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b51b84db-9709-5408-91f0-a7292026135a", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a540091e-46e2-57da-8e80-876728d4dfd2", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.6.15-tuxcare.4" } ] }