{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8a5f0c8d-1778-50d8-ae2c-25f42fa2d3dc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-test", "version": "3.1.1.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:97ce3db8-636b-5153-a344-01c25e756a93", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a27850f-bfbc-53f8-a680-a96367f5ddc4", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f22c449a-9aaa-5197-b28b-eca56dae9ca9", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2c4f3c2-ffbd-5fad-9c50-65f18795405d", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:afb56f29-7d07-5ea3-9018-c931aee68213", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e08e2e14-bbd5-57be-b034-4421136fcbf3", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc440927-4f9e-5876-b3f2-79b04970cab8", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba4454d2-216b-560b-9244-13b41fae4e7d", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8adb58d2-4c3a-5e84-972b-dcc201f35723", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8933054b-1b03-5abe-b3ed-2509c74f465e", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92d4e1f5-01ae-5968-8c6a-ef0370fcfc09", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e94051b-cdf4-5a07-81ed-102578c5a1f8", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a2a8752-df44-58ce-81d9-2255e21bcd02", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d71580c2-d900-59e4-8134-010b70f0d225", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f5192be-e3ee-5de3-8395-b418a94bb63c", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:503fc9f8-612f-5629-9844-4262c3b69e48", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-test 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20dd1d19-d86b-5cb3-bbe1-fabb514b3f30", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-test 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f30d00a-7a64-57ad-875f-f059b00a1431", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-test 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c5700c2-f33b-5a1c-b5bd-c6d53cc56b79", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cfab8b37-75ca-55f3-aa1a-9a28cf18e853", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5450dab1-711d-516e-8604-02cf782204c4", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a72e814-a668-588d-a679-16282d4acfcf", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7164801-50f0-5984-832b-d000e7161f51", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ce5e7ed-b827-525b-92fa-01d4ea02a170", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:560b9538-1e71-5c26-840f-371f4b87a715", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e86a5cdb-d789-5598-9f13-c11e8dbe34ba", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e8186fb-207c-5ec9-8b9e-bd5f014655ca", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca7a2a97-520f-51fc-91f7-8820d9f729ca", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10d2f021-38b1-5990-9eac-1cef39fe2cf7", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ec48a07-4219-5428-8fa6-3e225bde0058", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df2e428e-9e21-5b13-9529-eba37e8f2e18", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:036fcb10-5290-5d09-adc1-6e3508d1b501", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec22c38e-201f-5f9a-9dea-a1e798d743e7", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db801235-11c6-5901-8d52-58e0fa247cf3", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2feb24b-9e9b-5c60-82d8-96d1b3ac3140", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a7ffdfa-e290-5fb4-ae8c-c573536e8512", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce9d6b85-9984-5c54-a112-087462b3113f", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d49bc855-239e-5af0-a71b-1c22e292eb89", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3bf5280-bc91-5cdc-bc8b-8ffd6aad7e84", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc1cadd5-26b0-5279-82f3-222d5f95cf38", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-test 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9994c65b-eae1-5928-83f5-0b1eac693038", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:441154d5-43d6-52c9-bff9-d87e55c82080", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5dfe63d3-748d-5b01-a89d-ae708445eb21", "id": "CVE-2026-22740", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-22740 does not affect version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test. CVE-2026-22740 is a WebFlux-specific vulnerability (reactive multipart temp-file cleanup in org.springframework.http.codec.multipart.MultipartHttpMessageReader / PartGenerator). Spring Framework 3.1.1.RELEASE predates WebFlux entirely - the org.springframework.http.codec package does not exist in this version, and there is no reactive multipart code path. Per NVD, affected versions are 5.3.x, 6.1.x, 6.2.x, 7.0.x only; Spring 3.x is not in the affected range." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6f4c4be-6471-5e0c-a8f7-250b1de93228", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4dbf34f-c335-5f27-83d4-bd3cec64eb63", "id": "CVE-2026-41842", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41842 does not affect version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test. not_affected \u2014 Spring Framework 3.1.1 is NOT affected by CVE-2026-41842. The vulnerability exists in content-based version strategies for static resource handling, a feature introduced in Spring Framework 4.1 (2014). Spring 3.1.1 (2011) predates this feature and contains no version removal logic in resource handling." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:acdce5cd-8591-5c89-b38f-f64f4ecb5fc8", "id": "CVE-2026-41843", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41843 does not affect version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test. not_affected \u2014 Spring Framework 3.1.1.RELEASE is not affected by CVE-2026-41843. The vulnerability requires the content-based version strategy feature (VersionResourceResolver, AbstractVersionStrategy, etc.) which was introduced in Spring Framework 4.1+. This feature does not exist in version 3.1.1, making the attack chain impossible." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4014a19-a132-5349-a3d4-b64a65945c42", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3afea2a-8a89-5bdd-8ec3-42dc142ac939", "id": "CVE-2026-41845", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41845 does not affect version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test. not_affected \u2014 Spring Framework 3.1.1.RELEASE (2012) predates the ECMAScript 6 specification (2015) that introduced template literal syntax. While the code lacks escaping for backtick (`) and dollar sign ($) characters in JavaScriptUtils.javaScriptEscape(), these unescaped characters cannot lead to arbitrary JavaScript code execution in the pre-ES6 JavaScript environment this version was designed for. The att..." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02c1ff1f-f521-5867-b552-8dab0aaefd83", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c4d5811-2670-5393-9c22-c6c664a2f51b", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42432241-1108-57dc-a3f2-e2245d9857c5", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10b4c261-0bb2-573a-ba92-3291d0c3be78", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ac7f40e-7676-5cd0-91e4-a19fc2c62004", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c291461-1026-536e-97ff-08cfe2b7d2e5", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f46f873-c523-51e4-b7cf-1796364dea2e", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c010b294-eb4a-5971-a71b-59b27b053a71", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.1" } ] }