{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e4e19670-be7a-562e-99bb-36dc967dadaa", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-dependencies", "version": "2.4.6-tuxcare.4", "purl": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d61e5e32-18fa-5937-96d0-7f5345d6bb87", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3648dd69-9fd9-5fa3-8ea8-7deb372d3f59", "id": "CVE-2023-20873", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7e796ff5-c1cb-5b11-b172-f2d6d985a91e", "id": "CVE-2023-20883", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7ad082ce-d2bf-5324-901f-de1f932aa697", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6b2cef90-b0f4-502e-8594-e8534a0d5c7a", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d81c2d1e-114e-5450-acd4-53aa72398767", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:82ad05b2-f2aa-5b59-9661-2b20de21ed9e", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f8e7f3fd-bfc0-55e6-96ba-fd85b74ff4d6", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:79dd3d0c-85db-5391-8f2d-9c01043ffdba", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f951d0d3-bca1-5090-9759-756187bbe1ee", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d243edf-f08c-5a14-967d-9d29fe2ed0e1", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:67411afd-0ea9-501b-bf9c-c39e2cac2d14", "id": "CVE-2026-40975", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:42b41bda-2d75-5481-bc21-59f074aadc88", "id": "CVE-2026-40977", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f095948a-fa3a-5e07-9eb4-c551df3d0140", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5dbea911-82a1-56c1-9c0f-6f7bb2d48900", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.4" } ] }