{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:28627e02-db87-5b13-90d4-5a1290c935a6",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-beans",
      "version": "5.3.27-tuxcare.4",
      "purl": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:e3218489-c295-5606-8989-8e1d693737e8",
      "id": "CVE-2016-1000027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9522f666-1222-565f-ab6b-19e7296201ba",
      "id": "CVE-2024-22243",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bb3ef687-6770-5387-8125-5313680cb8ce",
      "id": "CVE-2024-22259",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:135ac106-e993-541c-8f30-d0a267128efe",
      "id": "CVE-2024-22262",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:dee9b40b-870f-54b5-b001-8feb59f8e8af",
      "id": "CVE-2024-38808",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:44fa1d7a-4f5f-5ffa-84fb-dd7e8fee08e7",
      "id": "CVE-2024-38809",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6ba1b38b-e07b-5be3-a059-65d6c700f6d7",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b081e3b1-19ef-5f76-b64c-f1bd7d9e5118",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fc7c76c2-336d-57dd-9857-6a933125d320",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d04e8369-4812-5949-b625-f9d80cfc4f0f",
      "id": "CVE-2024-38828",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a408ef4e-0ff2-59b1-a614-71a5abd971d6",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3d465d02-3a67-58c1-8310-0f271423bb73",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-beans 5.3.27-tuxcare.4."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1c61b69a-f973-52f4-b878-45538f076522",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a08c4ec8-644f-5793-a099-4604380ad334",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d394cea7-039e-5010-8f81-ac4516772742",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4777a2af-000d-5478-b210-c02143128387",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22735 affects version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ac3b0b21-cad7-5e72-bbf7-08edb28f39fa",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22737 affects version 5.3.27-tuxcare.4 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.4"
    }
  ]
}