{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:94ed4044-8adc-5358-bffa-cd57ccfb99d1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jersey@2.7.18.tuxcare.3", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-jersey", "version": "2.7.18.tuxcare.3", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-jersey@2.7.18.tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b4a98150-15a9-5dab-b408-f0b73a960b33", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.18.tuxcare.3 of org.springframework.boot:spring-boot-starter-jersey." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jersey@2.7.18.tuxcare.3" } ] }, { "bom-ref": "urn:uuid:62a9cb3d-3773-5acc-a06f-3b7709617e95", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.18.tuxcare.3 of org.springframework.boot:spring-boot-starter-jersey." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jersey@2.7.18.tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7dbdae58-e538-5b61-9896-dc6bfef62539", "id": "CVE-2025-22235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22235 affects version 2.7.18.tuxcare.3 of org.springframework.boot:spring-boot-starter-jersey." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jersey@2.7.18.tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27ca87c6-aaaf-510e-820f-11d6023d557e", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.7.18.tuxcare.3 of org.springframework.boot:spring-boot-starter-jersey." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jersey@2.7.18.tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09634fd1-858a-554d-866d-a6041c28ef5f", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.7.18.tuxcare.3 of org.springframework.boot:spring-boot-starter-jersey." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jersey@2.7.18.tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e08e6f95-c05a-59c2-bbbc-ce35bee2f6d1", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.18.tuxcare.3 of org.springframework.boot:spring-boot-starter-jersey." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jersey@2.7.18.tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1e1314b3-d827-539c-8337-a771286b313a", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.18.tuxcare.3 of org.springframework.boot:spring-boot-starter-jersey." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jersey@2.7.18.tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f027825d-46df-54d0-9ee9-3dcb1809f42a", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.18.tuxcare.3 of org.springframework.boot:spring-boot-starter-jersey." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jersey@2.7.18.tuxcare.3" } ] }, { "bom-ref": "urn:uuid:588009a9-7eef-5ab1-af97-b5b0336ccbba", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.18.tuxcare.3 of org.springframework.boot:spring-boot-starter-jersey." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jersey@2.7.18.tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jersey@2.7.18.tuxcare.3" } ] }