{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0d3b3e9c-ea60-5384-9faa-f667e3d3dd9b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@3.3.13-tuxcare.5", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-actuator", "version": "3.3.13-tuxcare.5", "purl": "pkg:maven/org.springframework.boot/spring-boot-actuator@3.3.13-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:04c9b792-25f1-54fb-804c-d2a50cd9fcae", "id": "CVE-2025-22235", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2025-22235 does not affect version 3.3.13-tuxcare.5 of org.springframework.boot:spring-boot-actuator. This CVE was fixed in version 3.3.11 (https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORKBOOT-9804539, https://github.com/advisories/GHSA-rc42-6c7j-7h5r) so version 3.3.13 is not affected" }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@3.3.13-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ff3a9c76-6432-5b62-bce9-decb89a364da", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 3.3.13-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@3.3.13-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d9bfc0b6-6e7e-534b-816c-6b540be84cb3", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 3.3.13-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@3.3.13-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f9f5f5a7-77ab-5979-af89-7ca6423262fb", "id": "CVE-2026-40973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40973 is fixed in version 3.3.13-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@3.3.13-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d6fa45e5-2b00-57c7-b0c3-39a240d35e67", "id": "CVE-2026-40974", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40974 is fixed in version 3.3.13-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@3.3.13-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:12e6930b-35cc-5407-acfb-2aa5a245bc8a", "id": "CVE-2026-40975", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40975 is fixed in version 3.3.13-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@3.3.13-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:12c7142a-3662-5a9e-acb7-7287f5f80ad3", "id": "CVE-2026-40977", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40977 is fixed in version 3.3.13-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@3.3.13-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f6cba365-6d81-568d-83dd-61aee5a25a8a", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 3.3.13-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@3.3.13-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aa61a328-db5a-558b-8ab7-ab048aeab28b", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 3.3.13-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@3.3.13-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@3.3.13-tuxcare.5" } ] }