{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:12ec9bf6-8335-50e4-8d43-ca3d7e688c9d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-aop@2.7.18.tuxcare", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-aop", "version": "2.7.18.tuxcare", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-aop@2.7.18.tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f7c85f23-d868-5f3c-8c75-30dc76c19e7e", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-starter-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-aop@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:8d30d7fc-1be8-575d-b8a9-b17b6b479a14", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-starter-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-aop@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:eef1cf7f-705f-5668-a3c3-5254314572a6", "id": "CVE-2025-22235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22235 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-starter-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-aop@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:7706fbf3-e6a8-52a4-b271-5bbe78237aea", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-starter-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-aop@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:0f538416-f2a7-5ffc-8185-c35cdc64fb22", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-starter-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-aop@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:529243b1-2ceb-5b75-9273-bd7b1f8e09a9", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-starter-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-aop@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:af3506db-37ff-535c-89cc-0b93b8f6a4aa", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-starter-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-aop@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:72d7c53f-2ff2-592c-9388-5cb09c0d3149", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-starter-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-aop@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:778f4c29-d3ca-5b22-91ed-3160104785f0", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-starter-aop." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-aop@2.7.18.tuxcare" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-aop@2.7.18.tuxcare" } ] }