{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:0331cb70-7ba6-5645-b6a4-8e2e7af61ce5",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5",
      "type": "library",
      "group": "org.springframework.boot",
      "name": "spring-boot-starter-reactor-netty",
      "version": "2.4.6-tuxcare.5",
      "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:0fc57f53-8dc8-5259-99ee-564bb5678baf",
      "id": "CVE-2022-22965",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b3b7b069-c0a0-5ab4-8f43-ec8d4ce25a75",
      "id": "CVE-2023-20873",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:889c7830-aa75-5818-9146-c888b42357d9",
      "id": "CVE-2023-20883",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ca78b62a-9476-5e8b-89cc-2cecb12a5947",
      "id": "CVE-2023-34055",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b8c03664-4f41-58a4-af8d-fdb63251535a",
      "id": "CVE-2023-38286",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ae94c25f-ebae-5b70-a24c-212d50bd3d7c",
      "id": "CVE-2024-38807",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e547f570-4338-5a0f-80db-dda04662c61f",
      "id": "CVE-2025-22235",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8054b38c-a660-55f6-bfe0-506e6a135abe",
      "id": "CVE-2026-22733",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e899e98e-46e0-506c-b47e-c1ebbcf3a842",
      "id": "CVE-2026-40972",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a2a5d8b0-0966-5962-99ac-37b7773c6453",
      "id": "CVE-2026-40973",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:775cb4b6-2aa7-57a2-83f5-4f826f104922",
      "id": "CVE-2026-40974",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40974 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a17fb67b-0b4c-5bd7-a484-6da264ab08d6",
      "id": "CVE-2026-40975",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6a18175f-f724-5692-9bbf-beefb0115fed",
      "id": "CVE-2026-40977",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5ea73a94-eeb1-55cc-aeb5-0af6454a1878",
      "id": "CVE-2026-40992",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:528b94df-04bd-5006-a4ed-153f2b62bbdc",
      "id": "CVE-2026-41001",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-reactor-netty."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-reactor-netty@2.4.6-tuxcare.5"
    }
  ]
}