{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1d3bb8d7-b4fe-55a2-854e-021dcf2b063f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.7.16-tuxcare.5", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-data-cassandra", "version": "2.7.16-tuxcare.5", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.7.16-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f84f0f34-6930-5fac-ad14-140d8a5aa254", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-cassandra." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5fd74406-27ef-5405-b3be-edf0498ee64b", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-cassandra." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:822e580e-bdbd-5e43-9b32-bdab2dc7cb46", "id": "CVE-2024-38807", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38807 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-cassandra." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:716c9a17-179c-5641-a2bf-9feec7dea043", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-cassandra." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2b1cc9a5-7346-520f-bc53-570ed5ec1348", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-cassandra." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f851662c-69bf-5dec-a59a-1d1199e8d0dc", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-cassandra." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b96a2213-94e7-5620-ae2e-31232f35c3f2", "id": "CVE-2026-40973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-cassandra." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:534ff96c-439b-5c5b-80aa-079d6f7448a4", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-cassandra." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b558aaa9-8d44-5f0a-8d1a-3bdb033573cf", "id": "CVE-2026-40975", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-cassandra." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0b750ee7-94fb-5a3b-8523-c1ab7b72d45e", "id": "CVE-2026-40977", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-cassandra." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e7e611a7-646e-52db-bb7c-fd1365673e5a", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-cassandra." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d44a3789-20d6-5bc8-a1b7-365d0fab04b2", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-cassandra." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.7.16-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-cassandra@2.7.16-tuxcare.5" } ] }