{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e9c9a46f-90ce-58ab-8c40-4db4ef045966", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-integration@2.3.6.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-integration", "version": "2.3.6.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-integration@2.3.6.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:97fa16e7-5736-514f-892c-40c1308d22ce", "id": "CVE-2023-20873", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.3.6.RELEASE-tuxcare.1 of org.springframework.boot:spring-boot-starter-integration." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-integration@2.3.6.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37da58e9-3309-5fee-9a32-2c0ac69220f5", "id": "CVE-2023-20883", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.3.6.RELEASE-tuxcare.1 of org.springframework.boot:spring-boot-starter-integration." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-integration@2.3.6.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:458725ef-946f-58c0-8b83-a6ad41d6bed7", "id": "CVE-2023-34055", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34055 affects version 2.3.6.RELEASE-tuxcare.1 of org.springframework.boot:spring-boot-starter-integration." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-integration@2.3.6.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3496765c-9197-54cf-880c-8e603e66912c", "id": "CVE-2023-38286", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-38286 is a false positive for org.springframework.boot:spring-boot-starter-integration 2.3.6.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-integration@2.3.6.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c888f70d-9f2d-54a4-a4b2-c75d714d229f", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.3.6.RELEASE-tuxcare.1 of org.springframework.boot:spring-boot-starter-integration." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-integration@2.3.6.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6b462fa-212f-5ec5-bf5c-1cf80fcae4d3", "id": "CVE-2025-22235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22235 affects version 2.3.6.RELEASE-tuxcare.1 of org.springframework.boot:spring-boot-starter-integration." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-integration@2.3.6.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0042da0-2be6-5f74-9664-e26b2958029b", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.3.6.RELEASE-tuxcare.1 of org.springframework.boot:spring-boot-starter-integration." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-integration@2.3.6.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c1538f1-a5ae-5a12-9d30-6d1edae4432d", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.3.6.RELEASE-tuxcare.1 of org.springframework.boot:spring-boot-starter-integration." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-integration@2.3.6.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d11e0089-66fe-548b-8fb6-c9e834c37f3b", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.3.6.RELEASE-tuxcare.1 of org.springframework.boot:spring-boot-starter-integration." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-integration@2.3.6.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:905e4805-050d-5fba-b2e1-1af981368164", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.3.6.RELEASE-tuxcare.1 of org.springframework.boot:spring-boot-starter-integration." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-integration@2.3.6.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a9f3f77-6d01-5fb9-9552-f1ef98a3d05b", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.3.6.RELEASE-tuxcare.1 of org.springframework.boot:spring-boot-starter-integration." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-integration@2.3.6.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9f04e7a-ff0b-503c-a34a-3c2a79952128", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.3.6.RELEASE-tuxcare.1 of org.springframework.boot:spring-boot-starter-integration." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-integration@2.3.6.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-integration@2.3.6.RELEASE-tuxcare.1" } ] }