{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b89c21cf-f73c-5a35-96e0-0314936c4146", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.11", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-loader-tools", "version": "2.7.18-tuxcare.11", "purl": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.11" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:74611b27-07de-50e6-9503-a50bfb3a994e", "id": "CVE-2023-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-38286 is fixed in version 2.7.18-tuxcare.11 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:10d04471-a2a6-5e61-ac52-8d7f6bb4d76d", "id": "CVE-2024-38807", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38807 is fixed in version 2.7.18-tuxcare.11 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:25f27de3-e59d-53ff-989f-ddea4bfb9d67", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.18-tuxcare.11 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:68b6b2b4-48df-5334-8d03-6d359c428529", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.7.18-tuxcare.11 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:1a14e753-40ac-5ee0-b669-d35d6fc468f4", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.7.18-tuxcare.11 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:f176b920-d509-55b4-bba9-4e87adc83497", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.18-tuxcare.11 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:034b4764-a979-538d-8986-cf97408eac66", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.18-tuxcare.11 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:c5a39e13-12b7-5ecb-b754-45aa7579dcb9", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.18-tuxcare.11 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:4cc23424-a973-59f2-9011-192adf7ca446", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.18-tuxcare.11 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.11" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.11" } ] }