{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:73130d5f-c8fa-5005-b254-03e3684d5634", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-data-jdbc", "version": "2.4.6.tuxcare.2", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3da61801-d104-5e21-83cd-333e62c5a449", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af7e04dc-a2c8-5771-bd9b-1196153d8b3c", "id": "CVE-2023-20873", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a87f3b7e-3f21-583f-889d-83fbed5fa68c", "id": "CVE-2023-20883", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25de34bc-6403-52a9-bb18-f404f2360609", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42a55c96-481b-5381-bd42-46e1113a8c35", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5970b16-f45c-5e39-9c3c-5c81336f1d90", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02e1231c-8b99-54dc-89b9-8505fae5d118", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8305809d-39d4-5d71-a7ec-82f25e11eb37", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b24de90-97c3-52f9-96ff-83c675297c9b", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d6e31f2-6b73-553e-a067-de8073211f03", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7787668-9faf-519c-b678-ebfcb45582bd", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29e4ba57-0a77-58fd-96f2-01333330b58e", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f14b2d37-4765-5c30-a195-f60fd88bb793", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.4.6.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-jdbc." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jdbc@2.4.6.tuxcare.2" } ] }