{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:589b28d5-fce4-5183-8dea-d284f50d56b2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-antlib", "version": "2.4.6-tuxcare.3", "purl": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a36eff4b-f3da-5f0b-aa8e-50b23a53914a", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88a5546a-d0f0-5905-9d0b-fef9301067af", "id": "CVE-2023-20873", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba6a6b3f-bc52-5e45-8ffa-9cc5427a5503", "id": "CVE-2023-20883", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d63f968-c920-5da6-8516-19ef4009907d", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1673aa89-f707-5ffa-a41f-501d63714da6", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:64cff1b1-a3a3-5a7e-9803-f1490832be25", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b6abdec-c9e5-5deb-baf7-aa48efa5f95e", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be0b6fc2-28ad-588b-861b-f0bf7c7b4173", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ba34495-52ce-59f9-971f-107089927c6d", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6d3856c-f7ba-51d7-af3b-fdfffc2a39f0", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:643d740d-e09a-578f-9b98-6df94c7b30d4", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43218d74-e969-5143-be0b-f224a12b2a1c", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a21df37-6617-5953-8d8c-c0b967054fc6", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b59895ca-8234-5043-9402-72317986f668", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a78c77f8-9fa0-5700-a1be-7d3a9b8288f4", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.3" } ] }