{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c5f21e4c-a66e-56a5-a593-55e1893fc614", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6.tuxcare.2", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-antlib", "version": "2.4.6.tuxcare.2", "purl": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6.tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ecfa1678-9c29-543e-8895-a2e95835e0e4", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8dd1bee3-2d8e-5f9b-ae92-ba4a958c1989", "id": "CVE-2023-20873", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:287b068a-e24e-5bab-ab85-b10edff0b552", "id": "CVE-2023-20883", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8e4b57b-953b-5fab-bc1a-a2657c7d8eae", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:935c65be-1659-5205-b61a-51350f261a7b", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6b7e333-b02f-5cd5-b78d-bb80e4af2b84", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:86d7b491-9aae-5331-8d90-9be9775411de", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ebc2f21c-65c5-57b6-a480-dbd4680b9975", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-antlib." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6.tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-antlib@2.4.6.tuxcare.2" } ] }