{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7451f41e-37eb-5345-8313-5f6168ae8b38", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-jetty", "version": "2.4.6-tuxcare.3", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fbee6f52-dbf2-5d9a-8005-f8102739a529", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-jetty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30470a7b-566d-5a06-ab59-44fcbe0232c3", "id": "CVE-2023-20873", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-jetty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ddefa101-cc41-5955-b2bf-066d78d6be3b", "id": "CVE-2023-20883", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-jetty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:62437090-de7e-5d13-bd73-fd785ec84ea3", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-jetty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db2283d9-b3fc-5989-bca4-1ac9c445a081", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-jetty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:99f6a4ee-30f5-5707-ba3d-51a5fb9f8b67", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-jetty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b558eb7-688c-566e-8de2-31ba99180530", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-jetty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0a65ee2-fc7f-563c-9d86-8855d0bed467", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-jetty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e3f03ffb-edaf-53e9-a67b-88c46f2efda9", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-jetty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8be2b2e8-6909-59eb-b0f6-be21bd9f870e", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-jetty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0520100-f149-537d-930a-ff12343b7459", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-jetty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:655eb373-d044-5da8-b2ab-950a6f546d68", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-jetty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9cba5076-c855-5556-93ee-f46fb213e8e5", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-jetty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a53cd671-0c3b-5921-a6d8-3464ebe91069", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-jetty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b1dad996-c2fd-5c71-b82a-7faef0f42b80", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-jetty." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jetty@2.4.6-tuxcare.3" } ] }