{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:cd1be39e-b6f4-5b82-b453-17488218f4d0",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4",
      "type": "library",
      "group": "org.springframework.boot",
      "name": "spring-boot-starter-data-neo4j",
      "version": "2.4.6-tuxcare.4",
      "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:0c9a4f59-da98-567c-87af-bd48165022c3",
      "id": "CVE-2022-22965",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a48ac7ae-87f7-5213-84d4-25982e99e5cc",
      "id": "CVE-2023-20873",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1b1261f5-8c3a-5a9c-9775-992679110f1c",
      "id": "CVE-2023-20883",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:28a19890-5140-59a7-950d-656490a1615f",
      "id": "CVE-2023-34055",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bb3c995e-8114-5b21-9d74-4a2073c290ee",
      "id": "CVE-2023-38286",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:be0f74b3-07a4-5dfb-b85c-01fb082ea311",
      "id": "CVE-2024-38807",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b6f5ee6a-6d50-5abb-a4e4-27e0221ca85e",
      "id": "CVE-2025-22235",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a6b1c911-06ea-54a7-8bed-4622261b1442",
      "id": "CVE-2026-22733",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6cd5ee19-89c8-590c-b121-3f0e035adf4c",
      "id": "CVE-2026-40972",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:35ebcf65-861b-5a41-b710-7b797b984bd6",
      "id": "CVE-2026-40973",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40973 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a601c781-3581-5ddd-879d-be2b526e85a1",
      "id": "CVE-2026-40974",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40974 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9b277b58-a0cd-5f60-b9a3-7d0125e1b413",
      "id": "CVE-2026-40975",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6871125f-93d6-557a-85fb-003ebab44ca0",
      "id": "CVE-2026-40977",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:663c79c6-767c-5ff6-a5d4-f9cb120e8d60",
      "id": "CVE-2026-40992",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b85ab8e6-8da0-59bc-86f7-0fd479dda0c9",
      "id": "CVE-2026-41001",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.4.6-tuxcare.4"
    }
  ]
}