{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:707dacf7-9b7f-5dde-a3e6-1a08a335cfca",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-webflux",
      "version": "5.3.31-tuxcare.2",
      "purl": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:e21a02f9-7c5f-5b2d-a214-156e8e23848b",
      "id": "CVE-2016-1000027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:dc7af825-4ce1-539f-b7a6-9d8bfe8cfe5a",
      "id": "CVE-2024-22243",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9f08fd64-cc77-583c-8dea-da190feaac03",
      "id": "CVE-2024-22259",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:70b2821c-092c-5c08-a082-49e9cd82a6bc",
      "id": "CVE-2024-22262",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f769f0ce-31c6-542a-8567-b26bf3b8d2df",
      "id": "CVE-2024-38808",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8a453274-f594-5947-9ab3-e3dba8bcca3b",
      "id": "CVE-2024-38809",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:546e9a54-9345-5e64-b57d-8d98aeb54c5a",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6636ae9d-c3cf-51c3-8642-5d6e7928a513",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ae6c0dc2-f320-500a-8d18-31b2f10f634c",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1e12fd60-57a0-5aa9-b881-2a6b3d54160e",
      "id": "CVE-2024-38828",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3e084c5d-8aa3-52b4-bb61-9ecc872ecb8d",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:21d67e87-482e-5362-b31e-e6a10b7ac5b6",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-webflux 5.3.31-tuxcare.2."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:116ce17e-061a-5038-a33e-823efbbdcce5",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7264971e-5cab-5ba6-be7d-8b001b7d017b",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d5d5ac32-d864-5c1b-bb24-e68367251974",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:99ac5e2a-33ff-5790-8915-b5d7c5d6a722",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22735 affects version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:95d4c59d-f67c-5dfb-a305-b8bad0f775d9",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22737 affects version 5.3.31-tuxcare.2 of org.springframework:spring-webflux."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-webflux@5.3.31-tuxcare.2"
    }
  ]
}