{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:40d4506e-8e6f-5650-a34f-4870dba1cff3",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-framework-bom",
      "version": "5.3.27-tuxcare.3",
      "purl": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:57b539c4-04dd-53ff-bc60-8b91e3db0f5a",
      "id": "CVE-2016-1000027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ce831592-68ae-53b6-8492-c7390d47527c",
      "id": "CVE-2024-22243",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5da9f996-e38f-5073-80cf-135186816ea7",
      "id": "CVE-2024-22259",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e50506c0-6987-5e9f-b0e6-72962164ac71",
      "id": "CVE-2024-22262",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:28630e46-e135-5411-9b77-cc4ac716967c",
      "id": "CVE-2024-38808",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f992506d-6da0-5eb8-84b9-d4464fc65fa8",
      "id": "CVE-2024-38809",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9c4766ea-2659-58e4-a876-08ef1bed5661",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bce8e080-2395-516e-b39b-d279b6391c1f",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:73dcb20e-5864-5e77-a253-9106a6d7bb5c",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8374ac3a-ac30-534b-ba44-39c3b372467d",
      "id": "CVE-2024-38828",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:979359b4-2541-500d-a878-f7b309532a39",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ca32791d-0ebe-5601-a556-78a6b7950b88",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-framework-bom 5.3.27-tuxcare.3."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ef58ec5e-25de-53b3-ad67-979b05303228",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fe812ab1-3443-56e8-b44d-a9e36915b207",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-41249 affects version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c7316ee4-1a3a-5c52-9e4a-d3abd46d1106",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:20eb99ba-ab82-5939-989b-03fc215e9280",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22735 affects version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c1b1c090-24ba-5c48-86c2-beb8908fb9b9",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22737 affects version 5.3.27-tuxcare.3 of org.springframework:spring-framework-bom."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-framework-bom@5.3.27-tuxcare.3"
    }
  ]
}