{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:770c18a2-7b54-5b00-adc6-977e9f833bf9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6.tuxcare.2", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-actuator", "version": "2.4.6.tuxcare.2", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6.tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d4f8ef22-2000-54ed-8616-13239328f37c", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a1aedc3-cdd7-587f-af0b-0b7f9ede093c", "id": "CVE-2023-20873", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:696f6120-43ee-5505-911c-decf340ca98c", "id": "CVE-2023-20883", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3102bbf7-70af-57ea-b54d-6fe38ef2649a", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ebfe484-cec5-59e5-a863-d62a8425d5bc", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b261c770-f8ea-5c25-b171-4bb719f6c7f0", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1620d888-915f-57d3-b993-52530183d5d9", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:434f0ebc-8f1e-5d0e-8da2-50562cd37c82", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6.tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-actuator@2.4.6.tuxcare.2" } ] }