{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a7cec64e-aa7b-5970-86bf-663e2cb83168", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-antlib", "version": "2.7.18.tuxcare", "purl": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1ca9f5bc-7718-523e-b988-0346a68880b4", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:bb5bb23c-882d-53ef-b6da-c01bb0261ca5", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:9d35c89b-24ac-5b84-876d-6029a5839e71", "id": "CVE-2025-22235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22235 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:b9d4275d-4b65-5987-818b-3d2b4c38aff5", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:0d6f4d5c-b523-5d59-932a-a38ddc3c39b1", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:7e7a8d39-9feb-568b-9ff6-3c9e330692ac", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:039f567d-bbb2-5f05-bdf9-5f71c97ec2af", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:6eec6281-189f-5a15-bfa5-c63930b14c81", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare" } ] }, { "bom-ref": "urn:uuid:175724c4-d974-5e9e-bf2a-14f46180fbfc", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.18.tuxcare of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.7.18.tuxcare" } ] }