{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:e794cccc-a586-5a0a-8eb7-e4352fcb55cc",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5",
      "type": "library",
      "group": "org.springframework.boot",
      "name": "spring-boot-starter-data-mongodb-reactive",
      "version": "2.4.6-tuxcare.5",
      "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:42c426e7-e85f-5d3b-928d-45844cedeb22",
      "id": "CVE-2022-22965",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5a2e4e4a-d877-5f2a-a215-1de38d28190f",
      "id": "CVE-2023-20873",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fac1f952-eca1-5a44-b5f0-6d2dd2285bf4",
      "id": "CVE-2023-20883",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4f3d25dd-45ef-5337-b107-4db38881f0b0",
      "id": "CVE-2023-34055",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:943e3849-aa5d-5c54-94f0-06d297d44255",
      "id": "CVE-2023-38286",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d918073f-9b46-5dfb-a484-21f52eb16f38",
      "id": "CVE-2024-38807",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:cc9b1746-482a-5300-992f-f93fef44a4e1",
      "id": "CVE-2025-22235",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:cff7fb84-1048-5725-b523-44cce0912537",
      "id": "CVE-2026-22733",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4bcb0015-020a-5c1d-8b8a-8d299e7d54f1",
      "id": "CVE-2026-40972",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:100a2873-891d-5e1f-a49c-a06615c995ba",
      "id": "CVE-2026-40973",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:daff94d1-5bd9-5815-b1e9-5e73824b4532",
      "id": "CVE-2026-40974",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40974 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a6d60f02-20c5-5bc7-ba09-3b1d583890c6",
      "id": "CVE-2026-40975",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:da2fffb4-87bb-5197-921d-eb93c434d63b",
      "id": "CVE-2026-40977",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:41583607-46a7-5100-94d7-e622b1e76ce7",
      "id": "CVE-2026-40992",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0f7ec97b-1763-537c-9da4-380d5fabec2e",
      "id": "CVE-2026-41001",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.4.6-tuxcare.5"
    }
  ]
}