{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:78656dbf-670f-5f8a-8383-9799f717e48f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.6.15-tuxcare.7", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-gradle-plugin", "version": "2.6.15-tuxcare.7", "purl": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.6.15-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:16bb8e44-bec9-58d9-b667-442b50453d40", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5d31398f-6ad1-5036-bd5c-1e4e599bbf33", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b62e3f97-0236-5bc8-9c9d-63ee06766cc1", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2f6a74e3-7e7e-5a4e-8c84-241fa9e6b2a6", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0d586182-0411-5bec-ba82-84687e89a626", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:76e8366e-553f-50b3-9b08-6f7785481aed", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f316cd9e-5df4-542f-b06a-3db121156401", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:301beee7-00ce-56c4-982a-ea1a92756ecb", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.6.15-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f5ecdc2a-cbaa-55cb-921d-cb091b3391dd", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.6.15-tuxcare.7 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.6.15-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.6.15-tuxcare.7" } ] }