{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6489c6be-a21a-541b-9d78-ae0c6c4a768e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.12", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-loader-tools", "version": "2.7.18-tuxcare.12", "purl": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.12" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5ee1d8c4-9d51-58e5-b540-f43019e3399b", "id": "CVE-2023-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-38286 is fixed in version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:ba9d2bfc-d0db-5461-bd15-f814a619d348", "id": "CVE-2024-38807", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38807 is fixed in version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:96b08192-5474-5db7-9858-b72ea655f840", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:313ae051-07d2-5450-b2c7-5c53a4c3e134", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:c4a9a582-3506-5202-ac33-aeb275761689", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:e412ea41-29fe-5aa8-a5ac-59ce55ccad02", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:15f60697-d091-5a4d-af26-5bfa035086a1", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:59079e10-289b-5d6f-9169-c722077aff85", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:f27f2c53-a2e8-5b02-82e1-869fad081941", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.12" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.7.18-tuxcare.12" } ] }