{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:9fb3e57d-6a2c-5c99-8fa1-372409457027",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@6.1.6-tuxcare.3",
      "type": "library",
      "group": "org.springframework.security",
      "name": "spring-security-saml2-service-provider",
      "version": "6.1.6-tuxcare.3",
      "purl": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@6.1.6-tuxcare.3"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:c386e1b2-08bb-54f9-af8c-a95d259aeac5",
      "id": "CVE-2024-22234",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22234 is fixed in version 6.1.6-tuxcare.3 of org.springframework.security:spring-security-saml2-service-provider."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@6.1.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3c4d69e8-db65-5120-aa39-060d8b7b062a",
      "id": "CVE-2024-22257",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22257 is fixed in version 6.1.6-tuxcare.3 of org.springframework.security:spring-security-saml2-service-provider."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@6.1.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4d597538-5816-5d7f-a20f-206752db0bf4",
      "id": "CVE-2024-38821",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38821 is fixed in version 6.1.6-tuxcare.3 of org.springframework.security:spring-security-saml2-service-provider."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@6.1.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4680d821-9a5d-51fb-a45f-01959bf73530",
      "id": "CVE-2024-38827",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38827 is fixed in version 6.1.6-tuxcare.3 of org.springframework.security:spring-security-saml2-service-provider."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@6.1.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a2f702bc-0108-5bc4-bace-895bc762d3eb",
      "id": "CVE-2025-22228",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22228 is fixed in version 6.1.6-tuxcare.3 of org.springframework.security:spring-security-saml2-service-provider."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@6.1.6-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7c309584-765b-5006-849e-53394f5edfcf",
      "id": "CVE-2026-22732",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22732 is fixed in version 6.1.6-tuxcare.3 of org.springframework.security:spring-security-saml2-service-provider."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@6.1.6-tuxcare.3"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.security/spring-security-saml2-service-provider@6.1.6-tuxcare.3"
    }
  ]
}