{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:06b50107-864c-5f13-9dc1-e88c9b4c4ef3",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5",
      "type": "library",
      "group": "org.springframework.boot",
      "name": "spring-boot-starter-webflux",
      "version": "2.4.6-tuxcare.5",
      "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:c5467c95-2b64-50d0-ae5f-0717c3642f84",
      "id": "CVE-2022-22965",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2022-22965 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d4ee3860-c979-5201-bb92-7d35141c4f76",
      "id": "CVE-2023-20873",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20873 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f229c46e-d53c-5820-a2f7-71b8d2311f7f",
      "id": "CVE-2023-20883",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-20883 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8daf2d2e-ed70-521f-a3c7-57b5093d26e4",
      "id": "CVE-2023-34055",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:767f438e-112a-5583-a05c-ec1afeacadae",
      "id": "CVE-2023-38286",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-38286 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3fec7389-85d7-5922-a90d-6e668412ac4c",
      "id": "CVE-2024-38807",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38807 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:cf071e6c-352c-54e4-8cd3-6668ea07d021",
      "id": "CVE-2025-22235",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d30c3392-5cf4-55f5-9540-49dac672ccaf",
      "id": "CVE-2026-22733",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7a86d1d0-7389-531f-8be6-8373860c792a",
      "id": "CVE-2026-40972",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d37e2294-05c8-5fda-8fd4-741a0ae358bb",
      "id": "CVE-2026-40973",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40973 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e3c2047d-f28a-5cdc-a58a-13289f4d5f9f",
      "id": "CVE-2026-40974",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40974 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:65c06a48-fcd5-5e4d-9ed0-60e952cddab0",
      "id": "CVE-2026-40975",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40975 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:651dc6cb-4fbf-5546-908c-d008850942d7",
      "id": "CVE-2026-40977",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-40977 is fixed in version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9ce22a49-63ee-580a-85f4-f23b6bae0678",
      "id": "CVE-2026-40992",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40992 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d13bbe4f-e42c-5a8a-a4a7-98c9b51afb97",
      "id": "CVE-2026-41001",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41001 affects version 2.4.6-tuxcare.5 of org.springframework.boot:spring-boot-starter-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-webflux@2.4.6-tuxcare.5"
    }
  ]
}