{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:30805433-8c14-5221-b5b5-21b1e2d63dc1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.7.18-tuxcare.13", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-devtools", "version": "2.7.18-tuxcare.13", "purl": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.7.18-tuxcare.13" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8065a28e-0780-56e9-bab0-e50249f18d9b", "id": "CVE-2023-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-38286 is fixed in version 2.7.18-tuxcare.13 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.7.18-tuxcare.13" } ] }, { "bom-ref": "urn:uuid:04357696-aaee-535b-b02b-b27557f1b449", "id": "CVE-2024-38807", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38807 is fixed in version 2.7.18-tuxcare.13 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.7.18-tuxcare.13" } ] }, { "bom-ref": "urn:uuid:6011e7db-2284-5cc5-aa08-123e7691b80c", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.18-tuxcare.13 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.7.18-tuxcare.13" } ] }, { "bom-ref": "urn:uuid:2fcaa05d-cfa8-5880-b28d-f800e3cbf36b", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.18-tuxcare.13 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.7.18-tuxcare.13" } ] }, { "bom-ref": "urn:uuid:bbaf96f5-5fb1-57a6-9bfb-836ea5e550ef", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.7.18-tuxcare.13 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.7.18-tuxcare.13" } ] }, { "bom-ref": "urn:uuid:810d9f72-7fea-55a4-ac8d-59b10837238c", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.18-tuxcare.13 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.7.18-tuxcare.13" } ] }, { "bom-ref": "urn:uuid:7cced0bb-9818-57ec-962d-e0bce60638a9", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.18-tuxcare.13 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.7.18-tuxcare.13" } ] }, { "bom-ref": "urn:uuid:294ff19b-7188-56e2-9335-5cdec977c77e", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.18-tuxcare.13 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.7.18-tuxcare.13" } ] }, { "bom-ref": "urn:uuid:309f4b81-09ee-587f-a31f-1dc20bdbca6c", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.18-tuxcare.13 of org.springframework.boot:spring-boot-devtools." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.7.18-tuxcare.13" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-devtools@2.7.18-tuxcare.13" } ] }