{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:03054f37-46d0-56fd-a366-88a31af7f2c3",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-framework-bom",
      "version": "6.0.16-tuxcare.3",
      "purl": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:23de1c4e-ce0c-5a2c-9523-0b4da42e8e44",
      "id": "CVE-2024-22243",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22243 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:04700d25-8991-58c7-9ec2-30f7944cc432",
      "id": "CVE-2024-22259",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22259 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5a20031c-1341-5cc4-a880-bae5b2d493de",
      "id": "CVE-2024-22262",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22262 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e3e095dc-e749-5c2a-aac4-c421f38a487f",
      "id": "CVE-2024-38809",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38809 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a437829a-f501-5f02-ba58-5fed2aecadb8",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38816 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c387d051-a4d4-58ad-a75a-16bfdc3c73ab",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fda3a1ee-8ad3-5db1-8235-e8235354635d",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7d2c70fd-e3ae-52af-b4e1-ce03537b9f3f",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6d214d09-e322-579b-a410-297042493a04",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:34b02eeb-9b7f-5718-bb5e-b62271b9fd57",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41242 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a55b5197-4cb2-53bf-9884-9c31bdcae6bf",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41249 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:84f8e9da-7536-506a-b7dd-470f810f8c59",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41254 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:21db5fb6-7580-5824-a762-c78218bbf375",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e45c8212-739e-5014-8e2c-4e46a43c26e3",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22737 affects version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fba1f21d-6391-5e53-aae7-590e9709aeb2",
      "id": "CVE-2026-22740",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:47af4a34-77f0-5c57-8d5d-996abfcc97ea",
      "id": "CVE-2026-22741",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:47fd0e7a-e72f-5658-b442-df193cfdf0bb",
      "id": "CVE-2026-22745",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22745 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-framework-bom@6.0.16-tuxcare.3"
    }
  ]
}