{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:951cf4d0-9477-58c7-b99d-2ac8c69d5242",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-webflux",
      "version": "6.0.16-tuxcare.3",
      "purl": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:4e3fa5c5-e48a-53d5-ad21-bb7e4c883bb6",
      "id": "CVE-2024-22243",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22243 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:431d2392-8ad5-545d-b17d-421c3679e0e5",
      "id": "CVE-2024-22259",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22259 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9a576ae4-a0c7-5b2b-9d87-c85e820182cf",
      "id": "CVE-2024-22262",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22262 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:24932bf4-cc02-5dba-8426-4ca37d5b17a4",
      "id": "CVE-2024-38809",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38809 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:10d12a6c-1208-5109-97cc-f6957de7fe8e",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38816 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:eed1d886-b233-5e53-a18c-8ad71a6775f0",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:187cb0ea-af69-573c-b23d-a1053a7f3f23",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ca67e578-2343-534f-90aa-9689800cc4c4",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5fea91c8-9baa-52dd-a173-776d26b1054f",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:aa097103-d08b-5cd2-8703-4c2ac335bb85",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41242 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:96acdd46-ac58-5450-88e3-426c88284c2a",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41249 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:cb4ef173-dec2-5c6d-ab38-ef686ab8dc5e",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41254 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:aa121b64-261d-5d9f-ae74-6dc966f3db2e",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d26e3169-b2cf-537a-8e09-35cbac447ef9",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22737 affects version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8f97972c-60f4-5bd1-8527-8a937a0cf52a",
      "id": "CVE-2026-22740",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0296e132-8420-5974-b2a6-e4c9ce96b09b",
      "id": "CVE-2026-22741",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:353eef5f-c54f-55fb-ae7a-e070c90d309c",
      "id": "CVE-2026-22745",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22745 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-webflux@6.0.16-tuxcare.3"
    }
  ]
}