{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e47be3b6-4f56-50c7-9cb1-85f589a3195b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.16-tuxcare.5", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-data-mongodb", "version": "2.7.16-tuxcare.5", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.16-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:aeeb9001-4802-5bad-964c-16f74903bfe6", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:66a85910-c651-5284-9fbe-097b15cf5344", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:93badd7a-1550-5bf3-aa0a-f85bc66f9dc9", "id": "CVE-2024-38807", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38807 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de23b6aa-4700-5f5d-97c0-0127fec649ba", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d4164af9-74d1-5482-bf43-9d483b375215", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:118c120c-d54a-5967-b2bc-cd5cc29762bd", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b734a80a-b294-5a72-83ad-793406d0a6f2", "id": "CVE-2026-40973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cfc399ec-c95f-5a6f-9a0c-6b567b017ce9", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f8851288-512b-5473-9f8f-0683a2b31955", "id": "CVE-2026-40975", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a111c3e2-a678-56fa-ad38-db9c389dab0f", "id": "CVE-2026-40977", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:49faf2d4-2272-5ff5-98e5-f5dcd9f6af8d", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.16-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7d11e2ab-432d-560b-9030-a3c51bd3fed9", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.5 of org.springframework.boot:spring-boot-starter-data-mongodb." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.16-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.16-tuxcare.5" } ] }