{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d5bf69c2-b9fd-5adb-b37d-0c801c333179", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-test@2.7.18.tuxcare.2", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-test", "version": "2.7.18.tuxcare.2", "purl": "pkg:maven/org.springframework.boot/spring-boot-test@2.7.18.tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:268ace02-48b1-592e-ad4c-69a9e96b3491", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-test." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-test@2.7.18.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c897a8b-f790-5379-94de-e86de6043a84", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-test." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-test@2.7.18.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:adee7653-bf87-52fa-9d89-d5f41fc1a7d8", "id": "CVE-2025-22235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22235 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-test." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-test@2.7.18.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ff4fc69-1bc4-531b-9600-c315405b1014", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-test." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-test@2.7.18.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37dea119-f73a-5e9c-a820-ccf07a8b0e2f", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-test." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-test@2.7.18.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7a0931e-cd0f-5892-b752-b608adbafaf6", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-test." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-test@2.7.18.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a36dd244-4077-55b5-980e-566c97ded9ed", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-test." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-test@2.7.18.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a370d66-7bfd-5fb5-9639-c6a2b1c3e19a", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-test." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-test@2.7.18.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44e40c45-00db-5a0b-ae25-4057acbd4fe8", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-test." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-test@2.7.18.tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-test@2.7.18.tuxcare.2" } ] }