{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d2fd5314-dd0f-5336-8ba1-6a6ef3a3493d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@2.6.15-tuxcare.5", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-actuator", "version": "2.6.15-tuxcare.5", "purl": "pkg:maven/org.springframework.boot/spring-boot-actuator@2.6.15-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a8a3b0a8-c3e7-55d7-abb1-2534191f614d", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.6.15-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@2.6.15-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ba454748-bd2f-504b-8f3c-b7370447a068", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.6.15-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@2.6.15-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b224822c-2b4e-5ac3-84a8-e84d24fe1071", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.6.15-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@2.6.15-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b30c9f37-30a3-5ee4-9c91-297a41fdcfd4", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.6.15-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@2.6.15-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d93e403f-a285-5a85-a25c-078c60050caa", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.6.15-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@2.6.15-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:05e32aa7-41e8-5eca-80c7-df8b487551a5", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.6.15-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@2.6.15-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:825269b1-ff5f-559c-a800-e9354d9e5b1c", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.6.15-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@2.6.15-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f45caba9-3da7-5ea8-85a9-2adfa9356093", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.6.15-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@2.6.15-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e7f6f6fa-4944-50cf-ba64-77630d4a298a", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.6.15-tuxcare.5 of org.springframework.boot:spring-boot-actuator." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@2.6.15-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-actuator@2.6.15-tuxcare.5" } ] }