{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:a1cd1c36-8f4a-5d57-83e2-9fafeac2d08e",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3",
      "type": "library",
      "group": "org.springframework.boot",
      "name": "spring-boot-starter-actuator",
      "version": "2.4.6-tuxcare.3",
      "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:0d89b315-edd0-54bb-afc9-6b3ca5ab1426",
      "id": "CVE-2022-22965",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-actuator."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5dc222d2-8eb9-5756-9eca-77c2c2eceefc",
      "id": "CVE-2023-20873",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-actuator."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:24c84ab2-8b62-5d81-acc9-40800f556baa",
      "id": "CVE-2023-20883",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-actuator."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a552256c-447a-506c-ab7b-1524774f3961",
      "id": "CVE-2023-34055",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-actuator."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:92af2b9a-0cc1-50bb-b418-8a059dd34b90",
      "id": "CVE-2023-38286",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-actuator."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:be5948fb-a3fa-534a-acda-03491a45cc72",
      "id": "CVE-2024-38807",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-actuator."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6a56c331-f0ea-5a7d-9023-fb34bbecb692",
      "id": "CVE-2025-22235",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-actuator."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9a266357-a0e2-5b0d-a46a-5f8a0bc08d5f",
      "id": "CVE-2026-22733",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22733 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-actuator."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:eb0982fa-fa64-59a9-8b36-a1fefa34e8a6",
      "id": "CVE-2026-40972",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40972 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-actuator."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:226253b5-9d7b-57dd-9bfe-deb22b1ab8b5",
      "id": "CVE-2026-40973",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40973 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-actuator."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a3fdbda5-458d-5ee8-b405-3b14ce7692ac",
      "id": "CVE-2026-40974",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40974 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-actuator."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8a5f4aa0-25c1-5ead-9c08-40fc6b286665",
      "id": "CVE-2026-40975",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40975 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-actuator."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ac2426be-fcc4-5625-88b8-4a019f377dbd",
      "id": "CVE-2026-40977",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40977 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-actuator."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:90f3ccc8-34f3-54b2-b060-e2c736ad7219",
      "id": "CVE-2026-40992",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-actuator."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ec1248ec-3510-5e18-aaf0-56f390740c75",
      "id": "CVE-2026-41001",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-actuator."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6-tuxcare.3"
    }
  ]
}