{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:71825f9a-7475-55f5-9d49-c784ad3c3a5a",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@2.6.15-tuxcare.11",
      "type": "library",
      "group": "org.springframework.boot",
      "name": "spring-boot-starter-data-jpa",
      "version": "2.6.15-tuxcare.11",
      "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@2.6.15-tuxcare.11"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:dae7c923-af86-56fd-89b5-e36d52a40a69",
      "id": "CVE-2023-34055",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.6.15-tuxcare.11 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@2.6.15-tuxcare.11"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ae3c2736-35ce-5acc-bcc3-b21c47bd7c1a",
      "id": "CVE-2024-38807",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38807 is fixed in version 2.6.15-tuxcare.11 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@2.6.15-tuxcare.11"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6fe65261-a4ab-5c88-8fbd-2e2cd567277a",
      "id": "CVE-2025-22235",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.6.15-tuxcare.11 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@2.6.15-tuxcare.11"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:21e6fb86-69dc-5363-a0dd-f7c458989ad5",
      "id": "CVE-2026-22733",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.6.15-tuxcare.11 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@2.6.15-tuxcare.11"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6fee647b-0b11-5339-b562-ea25e5036916",
      "id": "CVE-2026-40972",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40972 affects version 2.6.15-tuxcare.11 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@2.6.15-tuxcare.11"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ece102a6-7066-589f-9df6-26ed0d48b00c",
      "id": "CVE-2026-40973",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.6.15-tuxcare.11 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@2.6.15-tuxcare.11"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0102683c-470b-5a48-9c10-ae94004a8315",
      "id": "CVE-2026-40974",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40974 affects version 2.6.15-tuxcare.11 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@2.6.15-tuxcare.11"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:86a526de-1ff0-56cd-8dfa-232b2cf143ee",
      "id": "CVE-2026-40975",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40975 affects version 2.6.15-tuxcare.11 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@2.6.15-tuxcare.11"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:25e6add1-2d47-58d4-9524-bd3717f6c197",
      "id": "CVE-2026-40977",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.6.15-tuxcare.11 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@2.6.15-tuxcare.11"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c63077f9-89ef-5558-af85-141032a322d1",
      "id": "CVE-2026-40992",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40992 affects version 2.6.15-tuxcare.11 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@2.6.15-tuxcare.11"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6a527b7e-7bae-50ad-a714-4058e4c1045d",
      "id": "CVE-2026-41001",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41001 affects version 2.6.15-tuxcare.11 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@2.6.15-tuxcare.11"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@2.6.15-tuxcare.11"
    }
  ]
}