{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:7e560ff7-6a86-5acb-a70d-d2c0d0e5f3cd",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4",
      "type": "library",
      "group": "org.springframework.boot",
      "name": "spring-boot-starter-data-cassandra",
      "version": "2.4.6-tuxcare.4",
      "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:034f973b-aba7-5ebe-9fa1-671ec8533064",
      "id": "CVE-2022-22965",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-cassandra."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0c29efa1-c46b-5ffe-b3a2-f2090aee1c4f",
      "id": "CVE-2023-20873",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-cassandra."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9ba28aaf-78bd-5186-99ee-e75fb344d851",
      "id": "CVE-2023-20883",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-cassandra."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6e8b5db4-a7c2-58c9-a997-7b79aea40d9f",
      "id": "CVE-2023-34055",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-cassandra."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e15d070a-457d-57f1-88d3-ca63b62af639",
      "id": "CVE-2023-38286",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-cassandra."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:999368ee-b527-5cb8-a307-1642f35f345c",
      "id": "CVE-2024-38807",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-cassandra."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c220319d-47f4-5a28-ad38-0ed56fc0a42d",
      "id": "CVE-2025-22235",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-cassandra."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4e34992f-85f3-52da-82df-bb2812642f81",
      "id": "CVE-2026-22733",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-cassandra."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5eb88a8b-2671-5e1a-8d6c-f195e17ba714",
      "id": "CVE-2026-40972",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-cassandra."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6648a286-dc5b-55f8-8e49-e10a646c08c4",
      "id": "CVE-2026-40973",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40973 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-cassandra."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4c4fe617-1b0c-56f4-9a0e-3d8e97dd051d",
      "id": "CVE-2026-40974",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40974 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-cassandra."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:23014636-31dc-5599-be20-d4b66eaacb30",
      "id": "CVE-2026-40975",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-cassandra."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:64eef145-7f1d-52d5-a057-450fcca2d7c6",
      "id": "CVE-2026-40977",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-cassandra."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:af81c8c3-1100-54e5-a069-dd90f801c1eb",
      "id": "CVE-2026-40992",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-cassandra."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3cf68ea5-8c97-5099-a278-0502a4f1a09c",
      "id": "CVE-2026-41001",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-cassandra."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.4.6-tuxcare.4"
    }
  ]
}