{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f2eb8613-96e6-568e-860b-bc959853de7f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-dependencies", "version": "2.4.6-tuxcare.5", "purl": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b0abc6c2-5b94-5ad4-83e9-52f711c71097", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:92cffd3c-1ffd-5d8b-b064-e85d4d3fd3c3", "id": "CVE-2023-20873", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:988ae542-62d7-5fc8-a249-781e07fecea3", "id": "CVE-2023-20883", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:68a59eb0-581f-586c-a312-d6452554ead3", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:42501a4d-6b69-5e88-8957-27470cb6b8a6", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ab1a7d36-295a-5de8-aee9-99da2ad70c5d", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4b98519d-7692-517f-92cf-e5d46f019922", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7adda2c6-97cb-57a9-95e9-4134d55d49cb", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8e0618c7-db03-5fd5-9d91-aa79442bf56d", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1182231f-8193-58e7-8b53-094a9766c4cf", "id": "CVE-2026-40973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:79d5c31f-35f5-57e7-9cf3-4568a2f01524", "id": "CVE-2026-40974", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40974 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c74abf8d-b452-585c-a2d5-bdec33a502f8", "id": "CVE-2026-40975", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:64740803-1f70-5a3a-802d-9c9b109e54ac", "id": "CVE-2026-40977", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f4ecb578-69b9-5aef-a580-73bbf0512457", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6ffa7377-2e41-5eea-b8a3-a3acc63dfbed", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-dependencies." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-dependencies@2.4.6-tuxcare.5" } ] }