{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:4164bdb6-dfb3-5348-927c-143fb7cefb9c",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-beans",
      "version": "5.3.27-tuxcare.3",
      "purl": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:26588ba8-a592-5c87-8204-151ee2173a39",
      "id": "CVE-2016-1000027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c7337273-26a3-5bd3-9f31-d537e69860b7",
      "id": "CVE-2024-22243",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e153575e-ca94-5de0-ab8e-3a679fce7533",
      "id": "CVE-2024-22259",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7b29960a-d39a-55ba-a273-44b134b94a90",
      "id": "CVE-2024-22262",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3c77d9a5-8ee0-5d40-8ad6-e4ed98da8471",
      "id": "CVE-2024-38808",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7fcb7dd5-3dcb-57ea-8408-70810a916bb3",
      "id": "CVE-2024-38809",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fed35146-4e4a-526b-827e-4c6d7e26c511",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:66887d12-b8c4-5288-b7fd-38a9d664176a",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:53b03878-b1ef-55ec-9ccf-cc586ad3fb29",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c7346545-cc8e-5994-ae39-e7327e3c53d8",
      "id": "CVE-2024-38828",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:adeddafe-ad1b-53c8-b134-f54a52a37484",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e40e78f2-bc98-52d1-916d-e077a90bb521",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-beans 5.3.27-tuxcare.3."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b14889be-e760-5cd9-a655-b52a4786f57c",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1c690845-12b3-57b2-a80d-34ec412fa667",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-41249 affects version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fa502824-5998-528e-874f-caadb6a36a9a",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9e6348b8-434e-515d-aca2-4f98c7585e8e",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22735 affects version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9065c53a-e724-5ba6-8dd5-7c3e2e420d5e",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22737 affects version 5.3.27-tuxcare.3 of org.springframework:spring-beans."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-beans@5.3.27-tuxcare.3"
    }
  ]
}