{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fdb98926-2280-5303-b16b-4fb13799f350", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@3.3.13-tuxcare.2", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-data-mongodb-reactive", "version": "3.3.13-tuxcare.2", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@3.3.13-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cbff4f4b-fcc2-5eee-b697-8195dd572fa6", "id": "CVE-2025-22235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22235 affects version 3.3.13-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@3.3.13-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37377eb1-d107-5e1f-8ae1-26e0ead89f0e", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 3.3.13-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@3.3.13-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dcca2fe1-0343-56c8-a77c-763c0d055a7c", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 3.3.13-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@3.3.13-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10da4b12-c9ff-5ab1-b0dc-dcafa8962115", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 3.3.13-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@3.3.13-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5644ee5b-2f5e-59c7-bbc4-d901d837a43b", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 3.3.13-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@3.3.13-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27e56363-a3a1-59de-b2db-d058e5df9d3a", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 3.3.13-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@3.3.13-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8eee4136-f653-597a-a79d-9e41e68beefa", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 3.3.13-tuxcare.2 of org.springframework.boot:spring-boot-starter-data-mongodb-reactive." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@3.3.13-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-mongodb-reactive@3.3.13-tuxcare.2" } ] }