{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:e853bd9c-11cc-5d16-98a7-a888e394d99d",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-jdbc",
      "version": "5.3.31-tuxcare.1",
      "purl": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:94b5e2a6-1d50-5634-a571-b5e1c67bfb92",
      "id": "CVE-2016-1000027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:85a59bfb-3466-5127-9292-8f0525db8e5f",
      "id": "CVE-2024-22243",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7fd0f6b6-c464-529b-9d49-81503ca3b533",
      "id": "CVE-2024-22259",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8d95a6ca-9a7d-52c0-adc2-86420604bc56",
      "id": "CVE-2024-22262",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ddcb5807-8eb2-5534-8c71-092644068d80",
      "id": "CVE-2024-38808",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:edf13c9d-cf52-5d01-8b94-21a2f3d91be1",
      "id": "CVE-2024-38809",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ed88261f-988a-5a2e-a3b2-3d77efb54783",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38816 affects version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3c52992b-7de9-58c5-adb8-7ca3085a6164",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b18a9b23-428f-591b-a8ee-1db3141b1801",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ead0a630-c392-5092-9ad8-78fceeb6d748",
      "id": "CVE-2024-38828",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:cc3a2387-70b1-5d7e-88be-22bdb18c1011",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-22233 affects version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e0a23294-f55d-5f7c-b244-3f66ae032e27",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-jdbc 5.3.31-tuxcare.1."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f2b03a3e-ed05-50f1-8ca1-ece7b608a12d",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d0681f4c-a198-5c0e-8de9-96ed55b80fbc",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5d7644b1-8a8c-5140-b887-dea1947f73c0",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bf169755-9b31-5f9a-83a6-7b392d7b2071",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22735 affects version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c56af464-208c-5645-91e6-6c4df2ebeec4",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22737 affects version 5.3.31-tuxcare.1 of org.springframework:spring-jdbc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-jdbc@5.3.31-tuxcare.1"
    }
  ]
}