{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:604a1fac-4886-5c77-85e9-ac824759c11e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-loader@2.6.15-tuxcare.8", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-loader", "version": "2.6.15-tuxcare.8", "purl": "pkg:maven/org.springframework.boot/spring-boot-loader@2.6.15-tuxcare.8" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f7a8e15f-5fe5-50db-b283-cab3c952a8eb", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.6.15-tuxcare.8 of org.springframework.boot:spring-boot-loader." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader@2.6.15-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:df3c4b62-07e0-5469-ab40-c2873bd50dec", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.6.15-tuxcare.8 of org.springframework.boot:spring-boot-loader." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader@2.6.15-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:9902dd7c-72d4-5367-8e6f-1587e0cc2e2d", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.6.15-tuxcare.8 of org.springframework.boot:spring-boot-loader." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader@2.6.15-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:977e14cf-9aef-538a-9a0b-99a28c06f6b0", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.6.15-tuxcare.8 of org.springframework.boot:spring-boot-loader." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader@2.6.15-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:9cb79c51-a4df-5fb4-aad1-a7dac1715384", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.6.15-tuxcare.8 of org.springframework.boot:spring-boot-loader." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader@2.6.15-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e6653973-70d8-5f61-89a4-fbe8e10e938a", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.6.15-tuxcare.8 of org.springframework.boot:spring-boot-loader." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader@2.6.15-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6df766b9-a228-5f14-826e-0e96b2fe7224", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.6.15-tuxcare.8 of org.springframework.boot:spring-boot-loader." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader@2.6.15-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:d13a3b28-ccef-5db2-9123-79e1ee57aa2a", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.6.15-tuxcare.8 of org.springframework.boot:spring-boot-loader." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader@2.6.15-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f474c9b8-857a-5261-82f5-08c97ae62295", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.6.15-tuxcare.8 of org.springframework.boot:spring-boot-loader." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader@2.6.15-tuxcare.8" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader@2.6.15-tuxcare.8" } ] }