{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:2a12af02-e3d6-5609-bf75-3a2395794080",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-oxm",
      "version": "6.0.23-tuxcare.3",
      "purl": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:b9cd451e-2673-5d2b-9e89-17fe3237edac",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38816 affects version 6.0.23-tuxcare.3 of org.springframework:spring-oxm."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:cc1f4a24-7380-5132-bfd4-c843a499ffed",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-oxm."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:97b5c30d-49ce-5094-a86d-ce88bce28cb0",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38820 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-oxm."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f6a1f442-b86a-52cf-ae70-60246342a869",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22233 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-oxm."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2fc93608-07b1-566a-b848-018c5ff471c4",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41234 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-oxm."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:81cc3e37-ca6e-5455-ba02-cd9f1bb7bd43",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-41242 affects version 6.0.23-tuxcare.3 of org.springframework:spring-oxm."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:81d67ed4-6134-5c30-ad68-507208a5e296",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-41249 affects version 6.0.23-tuxcare.3 of org.springframework:spring-oxm."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5131c110-e30a-576c-8e97-20b870f89819",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-41254 affects version 6.0.23-tuxcare.3 of org.springframework:spring-oxm."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:438275b9-e6dc-55c4-9f99-456f1b2f4238",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22735 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-oxm."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d70d7a65-aeba-5dad-af78-8e58e30f5bcc",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22737 affects version 6.0.23-tuxcare.3 of org.springframework:spring-oxm."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4320acd0-638f-5d21-9449-448dafc3c93c",
      "id": "CVE-2026-22740",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22740 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-oxm."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d8a40479-6062-5428-b78d-a06c09798475",
      "id": "CVE-2026-22741",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-22741 is fixed in version 6.0.23-tuxcare.3 of org.springframework:spring-oxm."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3106ad10-edf2-51f5-b503-2879bfebbf70",
      "id": "CVE-2026-22745",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22745 affects version 6.0.23-tuxcare.3 of org.springframework:spring-oxm."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-oxm@6.0.23-tuxcare.3"
    }
  ]
}