{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:b704cce5-8ffe-5ea5-a16a-67fc3788a72e",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.7.18.tuxcare.6",
      "type": "library",
      "group": "org.springframework.boot",
      "name": "spring-boot-starter-data-mongodb-reactive",
      "version": "2.7.18.tuxcare.6",
      "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.7.18.tuxcare.6"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:ba781489-6630-5466-9574-028bb1f24a2c",
      "id": "CVE-2023-38286",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-38286 affects version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.7.18.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:85c124e6-f02e-562d-a5db-854b91f810d2",
      "id": "CVE-2024-38807",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38807 is fixed in version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.7.18.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:be542c99-5665-512b-ad39-e582a280ab9e",
      "id": "CVE-2025-22235",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.7.18.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9753b8fb-bea3-5330-8ff7-7bad948d95a8",
      "id": "CVE-2026-22733",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22733 affects version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.7.18.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c1e6a63c-a95f-5998-9d36-26e145538f92",
      "id": "CVE-2026-40972",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40972 affects version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.7.18.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1da87d2f-bb99-541a-b573-4529f1ea1447",
      "id": "CVE-2026-40973",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40973 affects version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.7.18.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f55dab8f-ae03-547f-a0bf-54384151cea4",
      "id": "CVE-2026-40974",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40974 affects version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.7.18.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:092452f3-0201-50ff-8597-68d2db4df580",
      "id": "CVE-2026-40975",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40975 affects version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.7.18.tuxcare.6"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a4b4d0bb-08bb-5cf1-8066-0b9aa0ab888e",
      "id": "CVE-2026-40977",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40977 affects version 2.7.18.tuxcare.6 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.7.18.tuxcare.6"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@2.7.18.tuxcare.6"
    }
  ]
}