{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:f7ea45a0-6de6-53a6-bca6-e1db56c625cc",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-webmvc",
      "version": "6.0.16-tuxcare.3",
      "purl": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:1ee7332e-fd3a-5c4d-96aa-ca30e9caef38",
      "id": "CVE-2024-22243",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22243 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a55430ff-1c9c-591a-8418-cb68bde2dffe",
      "id": "CVE-2024-22259",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22259 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:20e2cc0c-1a91-53d7-892e-c8b48263ead8",
      "id": "CVE-2024-22262",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22262 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:aa2912a5-062c-58bc-a253-fd3cfce651ba",
      "id": "CVE-2024-38809",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38809 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:715151d6-eb4f-5452-b1f5-c61deaa1c093",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38816 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:06e7a74a-f0cd-560b-be71-5870c392b70c",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:eec31bbf-533a-5e16-9a33-205df86838ed",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:71215df7-d5ad-5504-8b58-1e82376e6393",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2dc6f7fb-d3c9-5d7a-8301-41b23be4d240",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c70dddcc-6077-5500-a0ff-df6057a120d8",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41242 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ac6c63a5-d7f5-5494-a8cd-a3d0cfd3d73f",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41249 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a3dc439c-089b-5542-994b-91c587b5ba6d",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41254 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:64ab4ce4-04bc-5c5f-aa63-607247c1bf99",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:de6ae83c-fde7-5db2-833e-e96b281981c6",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22737 affects version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5047c9f0-dc8a-57a8-9b5c-6b43c28aa357",
      "id": "CVE-2026-22740",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6bdd7607-bc4c-59db-8872-3f561b4504a4",
      "id": "CVE-2026-22741",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c6272b8e-c518-59e1-806e-04e9e9cfcc6b",
      "id": "CVE-2026-22745",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22745 is fixed in version 6.0.16-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-webmvc@6.0.16-tuxcare.3"
    }
  ]
}