{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:051b75c3-4a40-50c1-8d56-d1774f718883",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.3.13-tuxcare.1",
      "type": "library",
      "group": "org.springframework.boot",
      "name": "spring-boot-starter-data-jpa",
      "version": "3.3.13-tuxcare.1",
      "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.3.13-tuxcare.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:f2c00e21-245e-551c-b7d2-3d3d33e7401d",
      "id": "CVE-2025-22235",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-22235 affects version 3.3.13-tuxcare.1 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.3.13-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fe5802ea-50a3-518b-b242-090bff170127",
      "id": "CVE-2026-22733",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22733 affects version 3.3.13-tuxcare.1 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.3.13-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:622f393c-6246-59bd-b28c-d65bbf2d39c1",
      "id": "CVE-2026-40972",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40972 affects version 3.3.13-tuxcare.1 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.3.13-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:63005360-8c24-52c4-99aa-ac95916d9523",
      "id": "CVE-2026-40973",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40973 affects version 3.3.13-tuxcare.1 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.3.13-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2a9cce32-4bb4-5457-a457-5a91e62998f3",
      "id": "CVE-2026-40974",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40974 affects version 3.3.13-tuxcare.1 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.3.13-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6a5fd040-2464-5431-9b5a-44aa2083782a",
      "id": "CVE-2026-40975",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40975 affects version 3.3.13-tuxcare.1 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.3.13-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e8089da1-51b0-5299-bb17-840208267169",
      "id": "CVE-2026-40977",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40977 affects version 3.3.13-tuxcare.1 of org.springframework.boot:spring-boot-starter-data-jpa."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.3.13-tuxcare.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-jpa@3.3.13-tuxcare.1"
    }
  ]
}