{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:91b820f0-9c46-50ae-acf7-9bb326a0e6f4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6.tuxcare.2", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-jta-atomikos", "version": "2.4.6.tuxcare.2", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6.tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7e1068ff-1ec6-545b-b065-f8e5477b23e7", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-jta-atomikos." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9680d912-a80b-57a0-8e32-05273e769a7a", "id": "CVE-2023-20873", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-jta-atomikos." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1515f7d4-6998-58ee-bbd6-1dc0ebe84c14", "id": "CVE-2023-20883", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-jta-atomikos." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2551d005-9edf-5451-9027-3c4fb9c35694", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-jta-atomikos." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6e0f2fb-09df-568b-90e7-290e30f2998b", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-jta-atomikos." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3c4621e-9d81-51ef-b081-f02647a10d93", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-jta-atomikos." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b7f3e38-4044-5a41-9924-36a4266ebf24", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-jta-atomikos." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2f03fd9-6086-56c8-abcc-30f841240dc3", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-jta-atomikos." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6.tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6.tuxcare.2" } ] }