{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:19c3f7a4-b57f-59cf-b9c5-7a26004818ee",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-framework-bom",
      "version": "5.3.27-tuxcare.4",
      "purl": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:e39d4de2-f8c3-5df9-96cf-fc880c14382b",
      "id": "CVE-2016-1000027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2427230a-c9d9-5cf1-9665-fb25e2e7b95a",
      "id": "CVE-2024-22243",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f76157f2-4c4e-507e-942e-8a3568509ee8",
      "id": "CVE-2024-22259",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1cedb88b-648d-571b-b210-d62dab33abd9",
      "id": "CVE-2024-22262",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1f32dff4-bc6f-5d04-a1c4-f7688e1a97f6",
      "id": "CVE-2024-38808",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:80c570ae-fe20-55e1-8d2e-b5d85b255afc",
      "id": "CVE-2024-38809",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2233b1a3-dfb3-5f1a-aaf8-593e75da5731",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f3c03992-b220-5a54-84c0-a677b86fde63",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bb6ce655-2066-5ba7-b162-95c277aba98b",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:dd8b2b2e-a8c0-57be-8629-df0a53e2f0f1",
      "id": "CVE-2024-38828",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:121c58c8-ec81-559e-93f6-f498f5518438",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c5cf0c3c-7a5e-5202-8d7d-6ecd977c8f9c",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-framework-bom 5.3.27-tuxcare.4."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5ff8bdb8-2743-591f-a056-4a40b653b706",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c47a0683-125e-51a7-bf00-e9380f518ce3",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d9e7e330-1fa4-5323-b5e2-acc9f2f9836b",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ab647d43-220f-5a72-b841-8aa8d3284b54",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22735 affects version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5fbad5f5-d7b4-5f1c-8cc1-edc4d26dc4ef",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22737 affects version 5.3.27-tuxcare.4 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.4"
    }
  ]
}