{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:df9f8d97-b75d-5aef-81cc-c4b69942d05a",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5",
      "type": "library",
      "group": "org.springframework.boot",
      "name": "spring-boot-starter-jta-atomikos",
      "version": "2.4.6-tuxcare.5",
      "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:bd27d8ba-3163-55c9-8acc-0b9065f9cafa",
      "id": "CVE-2022-22965",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-jta-atomikos."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b1c28a61-b244-5916-8cb3-6116371bfbd1",
      "id": "CVE-2023-20873",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-jta-atomikos."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e9e7214b-b5f2-5eb2-ad81-c141a699cf19",
      "id": "CVE-2023-20883",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-jta-atomikos."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3cee0828-8627-54e8-b091-36d240895537",
      "id": "CVE-2023-34055",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-jta-atomikos."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7404f7c2-a393-509f-b3c8-e8a679793030",
      "id": "CVE-2023-38286",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-jta-atomikos."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c6d38222-7ea9-5edd-a24f-e00a7974cb97",
      "id": "CVE-2024-38807",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-jta-atomikos."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2c0d0c12-38c1-5740-84ca-bec256000605",
      "id": "CVE-2025-22235",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-jta-atomikos."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4a7c6d96-442b-5438-b0f5-7aa5d9e34f18",
      "id": "CVE-2026-22733",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-jta-atomikos."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:152cf8e4-b294-5443-b9fd-4213744cdacc",
      "id": "CVE-2026-40972",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-jta-atomikos."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b38ea706-ebde-5be1-a3e9-b88b49dfe16b",
      "id": "CVE-2026-40973",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-jta-atomikos."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e10d578c-983a-5295-afa1-2e8d2480ef77",
      "id": "CVE-2026-40974",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40974 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-jta-atomikos."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e76a8256-3f90-5143-982c-64b3aff5cba0",
      "id": "CVE-2026-40975",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-jta-atomikos."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:dea5612a-550c-5251-9085-d2229b0923a4",
      "id": "CVE-2026-40977",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-jta-atomikos."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:463e8ffb-c790-55e5-a2e7-1e1677e81955",
      "id": "CVE-2026-40992",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-jta-atomikos."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f40d3dde-010f-560a-83cf-78dcdbcec145",
      "id": "CVE-2026-41001",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-jta-atomikos."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-jta-atomikos@2.4.6-tuxcare.5"
    }
  ]
}