{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:a8202bc8-d99f-5bed-836a-6cc7c57b463a",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3",
      "type": "library",
      "group": "org.springframework.boot",
      "name": "org.springframework.boot.gradle.plugin",
      "version": "2.4.6-tuxcare.3",
      "purl": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:903fe494-d92e-5117-b819-07edff245ad8",
      "id": "CVE-2022-22965",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:org.springframework.boot.gradle.plugin."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c4fae1e9-d35c-5fd3-8819-885c99ebbb1d",
      "id": "CVE-2023-20873",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:org.springframework.boot.gradle.plugin."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8f6f0a59-d143-5bb7-8d2e-fea78609bbf0",
      "id": "CVE-2023-20883",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:org.springframework.boot.gradle.plugin."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e4cc2950-0d50-5358-92de-9b7b9cf9d7d5",
      "id": "CVE-2023-34055",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:org.springframework.boot.gradle.plugin."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8418203f-674e-53bb-a0df-963969392d78",
      "id": "CVE-2023-38286",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.3 of org.springframework.boot:org.springframework.boot.gradle.plugin."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:330d0ebc-5a45-53e7-8682-ed299fa88d70",
      "id": "CVE-2024-38807",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.3 of org.springframework.boot:org.springframework.boot.gradle.plugin."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f31c1ca2-6b9d-5dac-93df-ebb794922bc4",
      "id": "CVE-2025-22235",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:org.springframework.boot.gradle.plugin."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e7228d88-e8b3-5bc9-836c-a40ed532822f",
      "id": "CVE-2026-22733",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22733 affects version 2.4.6-tuxcare.3 of org.springframework.boot:org.springframework.boot.gradle.plugin."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d1117304-2487-570f-afb9-dcf5dd0d9d44",
      "id": "CVE-2026-40972",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40972 affects version 2.4.6-tuxcare.3 of org.springframework.boot:org.springframework.boot.gradle.plugin."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:013ed780-b82c-5496-beea-f96d05c4c565",
      "id": "CVE-2026-40973",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40973 affects version 2.4.6-tuxcare.3 of org.springframework.boot:org.springframework.boot.gradle.plugin."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:79690afa-803a-572a-ba89-5f054233aa2a",
      "id": "CVE-2026-40974",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40974 affects version 2.4.6-tuxcare.3 of org.springframework.boot:org.springframework.boot.gradle.plugin."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:88b60f89-4849-5368-8d69-7385466fddf6",
      "id": "CVE-2026-40975",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40975 affects version 2.4.6-tuxcare.3 of org.springframework.boot:org.springframework.boot.gradle.plugin."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ba7a777b-f7f7-5e6a-8daa-c6be10cd0e94",
      "id": "CVE-2026-40977",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40977 affects version 2.4.6-tuxcare.3 of org.springframework.boot:org.springframework.boot.gradle.plugin."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bec29ae5-7240-50bc-8d4d-c4d0c03235c2",
      "id": "CVE-2026-40992",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.3 of org.springframework.boot:org.springframework.boot.gradle.plugin."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c682a821-31a8-5c65-9c14-e78c54ab61b2",
      "id": "CVE-2026-41001",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.3 of org.springframework.boot:org.springframework.boot.gradle.plugin."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.boot/org.springframework.boot.gradle.plugin@2.4.6-tuxcare.3"
    }
  ]
}