{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2ed90103-271f-5a12-b239-91d66107faae", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-antlib", "version": "2.4.6-tuxcare.4", "purl": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a799abc5-4986-5622-86cd-f23a09c47a65", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:095164af-9064-5a3f-96df-6d6f5379cb76", "id": "CVE-2023-20873", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:159033e4-625d-577a-9a32-f043a5495389", "id": "CVE-2023-20883", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fcae28d3-4059-5f90-a266-cbef35832495", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3745f367-b2c6-5cba-8566-2cec3a499b8c", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e6443bc-9679-546e-9d45-132e6e0e08dc", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:533e2822-a1d4-53d1-b94c-8bab66b826ee", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9aab87a2-bcb6-53b2-8f56-8f51e23d5f00", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91310317-7143-5546-8a9b-d70344f1dc7c", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ce48c9a0-4c99-5ced-9170-c3afbe2e73a6", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e897f5e0-16e5-5b57-9828-acdbd7a2cb27", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:15278d1c-dfc0-57da-97e1-19535d01c10d", "id": "CVE-2026-40975", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:29f0cebd-8e1b-5462-bde1-63d70ea5c62a", "id": "CVE-2026-40977", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a31b8c0a-c2bf-57e5-98aa-41cedb233044", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ea862ad4-d223-53d0-8412-e98eabe5cf6f", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6-tuxcare.4" } ] }