{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b6f49c8b-2c3a-5b32-b96d-a9966b90d090", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15.tuxcare.1", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-loader-tools", "version": "2.6.15.tuxcare.1", "purl": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3ef85955-2053-52bc-8966-a8fa592b5444", "id": "CVE-2023-34055", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34055 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c54dfdcc-68a1-53de-a800-5e6f43f86e9a", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:513042f7-4a5c-5936-9fe7-f692c72f1db8", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16ac8776-03ae-5b36-add5-57697519b268", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:533ed76f-9270-5b31-abd0-fa5c19fc1e7d", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb69b9c8-017d-58d3-a850-accced42273d", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f062d2b4-ab64-53ae-af13-948d8f9f152a", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7b97ed5-1317-5e7a-871d-0eec438c84f6", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0b7529a-add8-5e99-ada8-5fdeed6ced30", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15.tuxcare.1" } ] }