{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:52fc6bc3-e24a-5fd5-b27f-e21da124a240", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra-reactive@2.7.16-tuxcare.3", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-data-cassandra-reactive", "version": "2.7.16-tuxcare.3", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra-reactive@2.7.16-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a74aeae6-73d5-516a-a3a0-b6d4a45d373e", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-cassandra-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra-reactive@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0f30fa16-01ed-5e6c-908a-d43ea8aeb69e", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-cassandra-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra-reactive@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a857903b-767c-5ffb-aed6-8c6564a85c6f", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-cassandra-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra-reactive@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bde29427-31a3-53ac-95b3-130559fd3123", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-cassandra-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra-reactive@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:51adcb3e-e5ed-5fe6-87d4-8f98f2d335b7", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-cassandra-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra-reactive@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cbfce221-b049-53e8-9e1e-65e67a2b9b48", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-cassandra-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra-reactive@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a2da337f-8849-527d-bc81-c36c049c68b9", "id": "CVE-2026-40973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-cassandra-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra-reactive@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5afd78a6-67ba-576d-a667-6ad4fd297473", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-cassandra-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra-reactive@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b45e1556-33e6-5ba9-a86b-d14cef731420", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-cassandra-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra-reactive@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2e32099-5605-5540-8ae7-53d8ebab6289", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-cassandra-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra-reactive@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:977666e8-bde8-5731-ac8d-486507243517", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-cassandra-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra-reactive@2.7.16-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0f74ba8-d276-50f9-b592-3977c6fc340e", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-cassandra-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra-reactive@2.7.16-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra-reactive@2.7.16-tuxcare.3" } ] }