{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a5f678b8-9e68-5db9-8ef3-726523b6fbb8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.6.15-tuxcare.3", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-data-neo4j", "version": "2.6.15-tuxcare.3", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.6.15-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e382eeba-337d-5e10-90d5-98a580880c15", "id": "CVE-2023-34055", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34055 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:676e623c-2562-57c9-a4b9-ae2891a7a5d5", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a2c1765b-a229-5b9d-b4e0-15e37eb7ad91", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:24a81581-7f07-593a-8285-c8e42a31a1e8", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ac227dd-af0d-510f-bc37-834d6bd9a128", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0899ad93-62b7-5185-bfab-4c58e4d13427", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:016f1d0d-e853-5b81-8fdb-bf777ef83dd3", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:44cb20de-7235-5fd3-91f4-d88d4af1b9f1", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.6.15-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:71af7691-6d59-5817-a6f2-b26766e52392", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.6.15-tuxcare.3 of org.springframework.boot:spring-boot-starter-data-neo4j." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.6.15-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-neo4j@2.6.15-tuxcare.3" } ] }