{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:2d6f86d0-669d-52eb-b8be-d31403b0a988",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3",
      "type": "library",
      "group": "org.springframework.boot",
      "name": "spring-boot-starter-parent",
      "version": "2.4.6-tuxcare.3",
      "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:f0e23717-dfe2-5789-a233-e913014b14ec",
      "id": "CVE-2022-22965",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:090f080d-29f3-536a-88b2-537b7621dd59",
      "id": "CVE-2023-20873",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:03a73bda-4c37-51dc-8037-9343e45070b9",
      "id": "CVE-2023-20883",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:81cf536e-26cc-5733-81d9-ea82544f2890",
      "id": "CVE-2023-34055",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c65a041c-9c97-5981-81e4-3a9768150f34",
      "id": "CVE-2023-38286",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1f24d106-068e-5fa5-b85c-5a552b65bb98",
      "id": "CVE-2024-38807",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9c08dcc1-9837-5050-9ca6-be36123f007d",
      "id": "CVE-2025-22235",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:cfdf3005-3121-56c7-9356-f586adf41477",
      "id": "CVE-2026-22733",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22733 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9c516f55-8695-5eb4-a484-429a0cce4d3e",
      "id": "CVE-2026-40972",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40972 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:73f533f8-85dd-51d6-8123-f15b5c0707d7",
      "id": "CVE-2026-40973",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40973 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a7ef149b-4a6c-5be0-904c-6ea61de27ede",
      "id": "CVE-2026-40974",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40974 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1d75b48d-33e3-58cd-ae5d-c4d65fda187e",
      "id": "CVE-2026-40975",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40975 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1bb2ac57-e4c4-590d-9cc2-a060c5c1d6cc",
      "id": "CVE-2026-40977",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40977 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c50f69b1-7c96-5da4-b65e-29206ae4bfe2",
      "id": "CVE-2026-40992",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f7eb0b08-a5cb-573b-97f9-0b432f0366e9",
      "id": "CVE-2026-41001",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.3 of org.springframework.boot:spring-boot-starter-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-parent@2.4.6-tuxcare.3"
    }
  ]
}