{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a11ee8a5-21c7-5963-9eaa-c6216b5df422", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.7.16-tuxcare.4", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-data-neo4j", "version": "2.7.16-tuxcare.4", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.7.16-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:445776e5-4d49-51e9-9bc3-a65045bea211", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:229f1b26-ee18-5496-9fb9-9c1ebb8dfba5", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f58c8d11-2df5-576b-b1b2-bf467044bb7a", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1e83b9b2-547c-57e2-a023-84e24a0f847e", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:72b1bcff-9b13-507e-baed-23cace97980e", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:16a10316-2dc5-5e19-a154-ab384f3eeb74", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e01d9d85-d415-50e9-a425-ecb133401115", "id": "CVE-2026-40973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:561a6836-a683-5d69-b6df-2930978ba0b4", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4cf62cb4-1df0-5200-9df8-a097873c1e84", "id": "CVE-2026-40975", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75627bd3-0e86-5938-b8d0-07c016e86a6a", "id": "CVE-2026-40977", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:afc0c63c-4155-5e9a-b731-68b253c5eeac", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.7.16-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f6a11e1f-4205-5048-8d1f-c006650cf3f7", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.4 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.7.16-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.7.16-tuxcare.4" } ] }