{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bc032d69-769b-5b14-9eac-8bbc13bec097", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.6.15-tuxcare.10", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-mail", "version": "2.6.15-tuxcare.10", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.6.15-tuxcare.10" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:66103a2d-a910-575c-a622-942f03e95122", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.6.15-tuxcare.10 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.6.15-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:29c24191-aa4a-5c4c-8ff3-2c12c6704155", "id": "CVE-2024-38807", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38807 is fixed in version 2.6.15-tuxcare.10 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.6.15-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:427555c4-19b4-5fd0-a8bd-1ee54543fde2", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.6.15-tuxcare.10 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.6.15-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:551d9018-2434-50c8-822a-2e92f208d970", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.6.15-tuxcare.10 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.6.15-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:ea83b319-97b9-53f9-860c-06c440c7ee67", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.6.15-tuxcare.10 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.6.15-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:a3386b9d-840f-5cd7-b2fe-deec2a47ceb4", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.6.15-tuxcare.10 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.6.15-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:0bf8fc45-2073-5d39-9123-e5ab6b16b7bd", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.6.15-tuxcare.10 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.6.15-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:26253619-6b72-521b-939a-78858ad00b55", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.6.15-tuxcare.10 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.6.15-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:c644ce7d-4229-5e84-b684-9f67a7550a91", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.6.15-tuxcare.10 of org.springframework.boot:spring-boot-starter-mail." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.6.15-tuxcare.10" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-mail@2.6.15-tuxcare.10" } ] }