{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:24b28d80-e6fc-5117-9c71-28d3842fb2b6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15-tuxcare.7", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-loader-tools", "version": "2.6.15-tuxcare.7", "purl": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:08ddc1c7-31d4-575d-b64f-2e7817e7100d", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:09e62063-f046-5ad1-8b4a-b17eee45ee31", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0a365802-a45a-512a-a2b1-83cbce6a6ccc", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c6d3f3af-6b9d-5552-8fc8-81f29a5473d3", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:55568645-ed03-5af2-9b6e-392b0a7f3df0", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6fa65b8e-8b50-56e4-9dd3-3e59d7b8a7a9", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f9d69dc4-4622-54a7-bc3b-4d28f2c13cf6", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0e498bd3-8d4f-55e5-a6e4-77a7bd5c0ae5", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7a56549d-5703-58ef-ae15-9730559b47d5", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-loader-tools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-loader-tools@2.6.15-tuxcare.7" } ] }