{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3a705b90-ed72-51d8-8e26-3c67992f91b8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare.6", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-antlib", "version": "2.7.18.tuxcare.6", "purl": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2a6cfe56-4864-54d7-9bff-a0411639e33f", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3eb7e4aa-21e8-5403-bb39-1247ada19614", "id": "CVE-2024-38807", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38807 is fixed in version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2460218e-a28a-5837-ac83-4746bce89e6a", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:887dfd76-e7fe-5559-85e2-7a423dd8d964", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a565d422-c269-5909-b671-0458c73a311c", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0da3f846-0fbc-59ef-b27d-c5e6ff9295cb", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:85549796-e27e-55b7-b92f-7ff8ee7066a9", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3dd9fe67-b7ad-5441-a4a7-0afe438f3ec3", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare.6" } ] }, { "bom-ref": "urn:uuid:40f771c9-140b-5c89-89fd-c066848fcbc0", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare.6" } ] }