{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:9dd83244-023f-5d00-869d-c0640f3ccc47",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-webmvc",
      "version": "5.3.27-tuxcare.2",
      "purl": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:6955f068-c7c0-5be4-95e8-ef6af1ce89c4",
      "id": "CVE-2016-1000027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0895b824-0cf4-5b98-a40d-f5c9f7bfe505",
      "id": "CVE-2024-22243",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ac438980-d71b-50a1-9456-d40ba9007cb1",
      "id": "CVE-2024-22259",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:947daac7-eca4-5a7b-bac6-650d2b9f86b0",
      "id": "CVE-2024-22262",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:33f4dd63-56c7-5183-b950-2e50968d62c4",
      "id": "CVE-2024-38808",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:68362ebd-f6fd-59bb-bc7f-6aec5eed5296",
      "id": "CVE-2024-38809",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:51e20304-de0a-57e6-a378-6ce896abbc01",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e3e29ccf-1400-5b49-8bdf-3baccd480e5f",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ade832dd-53d7-5a32-b150-702834b40c0d",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f4467a67-8c09-554d-9e38-1a922a92514f",
      "id": "CVE-2024-38828",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f3ed71c6-f725-5593-8504-62d9c18b6ff8",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0cff52a7-2ce5-55a9-a8df-2a5c884c2b7f",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-webmvc 5.3.27-tuxcare.2."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:26ee127d-8ffd-59c0-bc7f-a35acfd186e2",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f840a9bc-8341-55b8-a32f-6999ad0b8fd3",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-41249 affects version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bff2261b-e57c-5796-84e6-6ea0d4897fab",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4962cd59-2706-55a2-b0b5-9cb764a6b57c",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22735 affects version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f96f5390-f7ee-5b42-8f85-d5112bd47394",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22737 affects version 5.3.27-tuxcare.2 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.27-tuxcare.2"
    }
  ]
}