{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:bd06624a-4fc7-5ab0-bfa1-f7bacaa1c10e",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3",
      "type": "library",
      "group": "org.springframework",
      "name": "spring-webmvc",
      "version": "5.3.29-tuxcare.3",
      "purl": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:9ba620c8-47fc-5492-876a-d6b2758bbcac",
      "id": "CVE-2016-1000027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bfef3651-47e9-5c37-b06a-9eba275444bf",
      "id": "CVE-2024-22243",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:44fb0ee9-6cc4-50ae-aea7-7c56aaaa7a37",
      "id": "CVE-2024-22259",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8e000c8a-01c0-581d-aa99-7da8f25434ca",
      "id": "CVE-2024-22262",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22262 is fixed in version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9b0cb968-a547-5447-b739-3da28857a250",
      "id": "CVE-2024-38808",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4aa94e9c-46bd-5ba6-8a3f-0760ae0fb6fb",
      "id": "CVE-2024-38809",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:37e54528-e884-5f5f-a297-92cecacc2505",
      "id": "CVE-2024-38816",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:964d5d2b-670a-56df-a3cd-9d5790fa33ae",
      "id": "CVE-2024-38819",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ab157f6b-7a34-5d43-890b-9766b44c2b4b",
      "id": "CVE-2024-38820",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e25db452-7933-5046-81df-106b7acf36ed",
      "id": "CVE-2024-38828",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e9adc624-7c64-5e2e-a90d-74b5c31481d0",
      "id": "CVE-2025-22233",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a9406d38-56a8-5900-91c4-a16199335147",
      "id": "CVE-2025-41234",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-webmvc 5.3.29-tuxcare.3."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:577b9ce0-d39a-513f-8c00-f6909e2284f5",
      "id": "CVE-2025-41242",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:56763444-3a85-54ce-b04e-7dbfb407ddf8",
      "id": "CVE-2025-41249",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-41249 affects version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5df84c29-10f9-5e33-af5e-e424d6921162",
      "id": "CVE-2025-41254",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1e31c2bc-521d-59f8-a712-6a1679cf1a0e",
      "id": "CVE-2026-22735",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22735 affects version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6f9ac97d-6b90-5e89-88cf-55d8e3909c31",
      "id": "CVE-2026-22737",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22737 affects version 5.3.29-tuxcare.3 of org.springframework:spring-webmvc."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework/spring-webmvc@5.3.29-tuxcare.3"
    }
  ]
}