{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:14f10c1f-6d0a-561c-a508-c432f74e4d91", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.6.15-tuxcare.3", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-rsocket", "version": "2.6.15-tuxcare.3", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.6.15-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:31a4d37a-533e-5472-a1cd-a2ce3d6cfc31", "id": "CVE-2023-34055", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34055 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30205daf-f55f-5d5c-9eaa-6732265e2fe7", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df638411-b320-5eae-9348-fab46422830a", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9fd60317-06c0-5f94-b853-511aff70ff47", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b39cfd7e-b73c-5e24-a89d-19e240786e68", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c5b41ddc-ac7e-585f-9c4e-cff8132fcaaf", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dc507207-03bf-5fec-89ab-1ca2bf2eab38", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a3d699b9-57dc-530c-8940-09bb65251fb4", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b99aa1ae-153c-5720-b3d8-f659b0cb3938", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-rsocket." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.6.15-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-rsocket@2.6.15-tuxcare.3" } ] }