{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:37cf6d4b-cebb-5bdc-b0ac-4f66d99fc7de", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-maven-plugin", "version": "2.4.6-tuxcare.3", "purl": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:87136928-7905-5aa0-aff7-0f2ef05bbbca", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6607def5-98a1-5201-9c50-ce6b98efcfd7", "id": "CVE-2023-20873", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c64d893e-aac6-548b-bffb-de01c50ecd11", "id": "CVE-2023-20883", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b28b7e66-fdfa-51b5-b158-349833d774a3", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55623136-7b72-5fd4-b9ff-d0e9e4f8423b", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d706753f-7df4-5af1-bade-81f428a3fcd6", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5453f6b4-19c7-511a-824f-12ba1f286e8c", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a081a34a-a4de-57df-99d6-2bf5e3422150", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a050a3a-f9a2-551c-a77b-ab5f2b7ad5a2", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6cb3ae87-c96a-58a7-9856-fb069f4a635f", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b13732a-352e-5493-8ae6-7e02feeba56d", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e658bb06-f0ab-5b71-a578-5e5fe51f0702", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:435dd520-e95d-58dc-91ac-4357be22ee55", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6118dd26-7545-5fc0-9193-5d2a6b505613", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8846a7a1-abe7-5657-80e7-22f74625f628", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-maven-plugin@2.4.6-tuxcare.3" } ] }