{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:dc48fc27-9b3a-50b3-8b46-24d72182fa14",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3",
      "type": "library",
      "group": "org.springframework.boot",
      "name": "spring-boot-actuator-autoconfigure",
      "version": "2.4.6-tuxcare.3",
      "purl": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:a4be1f77-d04d-5569-8817-acf8c2ea6f62",
      "id": "CVE-2022-22965",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-actuator-autoconfigure."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:54406f00-2422-5d5b-93b4-ef0c79ff4356",
      "id": "CVE-2023-20873",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-actuator-autoconfigure."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4a04a24e-a439-546b-92ec-9277ec8ecef3",
      "id": "CVE-2023-20883",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-actuator-autoconfigure."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:12d614f6-ea57-5498-bc65-7264cc3f6c28",
      "id": "CVE-2023-34055",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-actuator-autoconfigure."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fc12d250-70d1-576d-859e-c7a1a39b71f5",
      "id": "CVE-2023-38286",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-actuator-autoconfigure."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:79f51f2f-d9f5-5fa0-b4f6-f58be5b89aeb",
      "id": "CVE-2024-38807",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-actuator-autoconfigure."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0bf92fd3-9915-566b-a653-69532017d110",
      "id": "CVE-2025-22235",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-actuator-autoconfigure."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d8c3cfac-a76d-5fc2-9086-06f687162315",
      "id": "CVE-2026-22733",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22733 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-actuator-autoconfigure."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3be06a5e-4ebb-59eb-927f-a058ce865eb9",
      "id": "CVE-2026-40972",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40972 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-actuator-autoconfigure."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f70e9522-013e-51cf-af18-7afae00cc45f",
      "id": "CVE-2026-40973",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40973 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-actuator-autoconfigure."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2e8a385c-b44d-51a1-9891-fe90e0b64943",
      "id": "CVE-2026-40974",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40974 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-actuator-autoconfigure."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:812d0c23-d922-5d28-8cfa-722705c4854d",
      "id": "CVE-2026-40975",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40975 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-actuator-autoconfigure."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:634f5d8b-374a-5780-b462-8dab2f599f17",
      "id": "CVE-2026-40977",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40977 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-actuator-autoconfigure."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f3d92e3e-c657-53b0-bb3a-dd36669a5144",
      "id": "CVE-2026-40992",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-actuator-autoconfigure."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3b5a8809-5e8f-5dfa-a3b8-2c23e69bc95c",
      "id": "CVE-2026-41001",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-actuator-autoconfigure."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator-autoconfigure@2.4.6-tuxcare.3"
    }
  ]
}