{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9ed7b052-bccb-5f29-a93d-7674ad1f13a9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.18-tuxcare.12", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-mail", "version": "2.7.18-tuxcare.12", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.18-tuxcare.12" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a72fdc11-4543-53cd-aab8-72ae2275643a", "id": "CVE-2023-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-38286 is fixed in version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:7bc290bd-3656-52ae-9fd7-91298ef82c32", "id": "CVE-2024-38807", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38807 is fixed in version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:a7edc695-6cf2-5b90-b3f0-de3e7d346621", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:cde287ef-e39f-5920-9428-1bae1c0e32d3", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:0c1beddc-a531-53c4-9b4f-967d8e8e7cee", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:56404279-a0df-538a-8941-b5c3e9304f1f", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:1c398c15-6a2e-590c-a524-01fd23d4e60a", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:15f2ce89-ab33-5d3a-949d-1cdcd0acf4ab", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.18-tuxcare.12" } ] }, { "bom-ref": "urn:uuid:aaa60a70-7e5d-5c63-9de0-84b66f2afcc2", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.18-tuxcare.12 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.18-tuxcare.12" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.7.18-tuxcare.12" } ] }