{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7e3f0356-980d-59c8-bf0e-c6951b797a61", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.6.15-tuxcare.4", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-jdbc", "version": "2.6.15-tuxcare.4", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.6.15-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e2f4c252-4c7e-5efe-b994-3ea8907c64fe", "id": "CVE-2023-34055", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34055 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:719c1906-a376-59d8-8b68-6ba06c0d9696", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c5c77e82-35b4-544a-83d4-972443967442", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf6e97d6-68fd-5e7b-8198-ea46744c9cc0", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ccb9b47f-491a-52fe-a7d5-dfdea37e6693", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f3053a53-c753-59eb-b6be-a1c712940a2e", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cbc1d7df-b462-5f24-bed8-467bfe9d7bde", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d138c9cb-e5f1-528b-86eb-2b3083c80cb6", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.6.15-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0e63fc67-cce5-5356-a537-79d6b00e195f", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.6.15-tuxcare.4 of org.springframework.boot:spring-boot-starter-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.6.15-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@2.6.15-tuxcare.4" } ] }