{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:f5a7cbcf-1a14-5b69-89ed-81c42fffcf3a",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/com.fasterxml.woodstox/woodstox-core@5.0.3.tuxcare",
      "type": "library",
      "group": "com.fasterxml.woodstox",
      "name": "woodstox-core",
      "version": "5.0.3.tuxcare",
      "purl": "pkg:maven/com.fasterxml.woodstox/woodstox-core@5.0.3.tuxcare"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:590e867b-6c56-54d4-8aa3-cc5b1bbc5f14",
      "id": "CVE-2022-40152",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2022-40152 is fixed in version 5.0.3.tuxcare of com.fasterxml.woodstox:woodstox-core."
      },
      "affects": [
        {
          "ref": "pkg:maven/com.fasterxml.woodstox/woodstox-core@5.0.3.tuxcare"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7dd3cd22-e62f-5549-b934-6849cefeee4b",
      "id": "CVE-2022-40153",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2022-40153 is a false positive for com.fasterxml.woodstox:woodstox-core 5.0.3.tuxcare."
      },
      "affects": [
        {
          "ref": "pkg:maven/com.fasterxml.woodstox/woodstox-core@5.0.3.tuxcare"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:95ae89d6-ddf4-5aa0-99a9-6a0507d0052a",
      "id": "CVE-2022-40154",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2022-40154 is a false positive for com.fasterxml.woodstox:woodstox-core 5.0.3.tuxcare."
      },
      "affects": [
        {
          "ref": "pkg:maven/com.fasterxml.woodstox/woodstox-core@5.0.3.tuxcare"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:79292750-3909-5e99-b39c-860d049f098c",
      "id": "CVE-2022-40155",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2022-40155 is a false positive for com.fasterxml.woodstox:woodstox-core 5.0.3.tuxcare."
      },
      "affects": [
        {
          "ref": "pkg:maven/com.fasterxml.woodstox/woodstox-core@5.0.3.tuxcare"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e87b5048-b82c-5a9b-8ac9-2125cbdf170b",
      "id": "CVE-2022-40156",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2022-40156 is a false positive for com.fasterxml.woodstox:woodstox-core 5.0.3.tuxcare."
      },
      "affects": [
        {
          "ref": "pkg:maven/com.fasterxml.woodstox/woodstox-core@5.0.3.tuxcare"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/com.fasterxml.woodstox/woodstox-core@5.0.3.tuxcare"
    }
  ]
}