{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:436b4355-7698-5f6c-a277-3f0892d8813b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-gradle-plugin", "version": "2.4.6-tuxcare.4", "purl": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5372753d-b614-5546-b74a-500f26506639", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:24f67f47-b844-500f-bfe5-2e8b112e66c8", "id": "CVE-2023-20873", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6cd7c250-4c33-594a-96ba-e25a05fcdd14", "id": "CVE-2023-20883", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0dc037f4-987d-59fa-8fb6-6dbf675301c7", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:53324fb6-cdbc-5d02-988f-36c67ca17c4c", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6ec946f0-bf3c-5e26-8459-59464739a9a9", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ccc65560-2692-5641-b158-7fcfca39ce52", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd3a5928-3ef7-5c25-a537-9a6ecb330c68", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c5976d88-1bf6-53a5-8743-bdb89b2b9919", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e2e11ddf-3f59-5b6a-b29e-635ded63d927", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:417eb648-f4e9-586f-a9e7-a88cf1897c93", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fea8db87-cddf-5c3f-8c9f-858915f3b048", "id": "CVE-2026-40975", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9ebc3dd-e870-5dc5-9989-f2c46d714ddc", "id": "CVE-2026-40977", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ea2a1420-2aee-5656-ab69-8c8f2e996fab", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:17845ab4-7cd8-55bc-b1df-08d61fcb2b94", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-gradle-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-gradle-plugin@2.4.6-tuxcare.4" } ] }