{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:92881117-8592-54bc-9e08-5e55f71542ca", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.18-tuxcare.12", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-data-jdbc", "version": "2.7.18-tuxcare.12", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.18-tuxcare.12" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5c9f780e-ffa9-5966-84a4-73cc7e0849d0", "id": "CVE-2023-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-38286 is fixed in version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:f5821c60-af38-5718-b8bc-cde282e5f691", "id": "CVE-2024-38807", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38807 is fixed in version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:5c62388a-f073-540f-84ae-44b283c0305c", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:d6631d5c-0f30-538f-965e-740d3b3ea579", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:d46f2a5d-3f61-5125-be1b-37135358fc8d", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:cd1eb4c7-be79-58db-b35c-0357430a9f8c", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:c5f3dacf-6403-51e0-b532-80daf855c0bf", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:32def384-c82b-5fcf-8110-adf0322a33e9", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:99de3922-0833-5659-9b4f-bfa493975d69", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.18-tuxcare.12" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.7.18-tuxcare.12" } ] }