{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:c8b1f2ba-290a-599e-aecc-c61459a56253",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.18.tuxcare.2",
      "type": "library",
      "group": "org.springframework.boot",
      "name": "spring-boot-starter-data-mongodb",
      "version": "2.7.18.tuxcare.2",
      "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.18.tuxcare.2"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:7b4e1ff7-cd5f-59f0-b2bf-a80f024d5ced",
      "id": "CVE-2023-38286",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-38286 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.18.tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:01a44ab5-a579-59bb-9ed4-de532a3896a2",
      "id": "CVE-2024-38807",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38807 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.18.tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:36894bc5-4976-5537-9f42-93e3af498b75",
      "id": "CVE-2025-22235",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-22235 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.18.tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a6f5ff03-a50e-5a1d-88c0-7ae56b76d43a",
      "id": "CVE-2026-22733",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22733 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.18.tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:29ee83b9-9d5d-5f5b-9509-f3dbe18dd74d",
      "id": "CVE-2026-40972",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40972 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.18.tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9cae4eb8-deb6-5c2a-bd81-589db2b6d830",
      "id": "CVE-2026-40973",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40973 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.18.tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fa15a7ef-d06b-50d9-84f1-d47f711cd8bb",
      "id": "CVE-2026-40974",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40974 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.18.tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5c8f73b2-49b7-5839-8a99-1b2a8231c838",
      "id": "CVE-2026-40975",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40975 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.18.tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d5fe42da-95df-5faa-bd94-d0e2f6f0e222",
      "id": "CVE-2026-40977",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40977 affects version 2.7.18.tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.18.tuxcare.2"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb@2.7.18.tuxcare.2"
    }
  ]
}