{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f65f474a-454a-57c1-8970-bb71aff74007", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-test", "version": "3.1.1.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:709ab26f-fe73-5768-a4bb-e474c065ea5e", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a66bf89-bd04-5c4b-acff-e2749e31a52a", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e91e1d4-1320-5179-b4ec-65368b892aac", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7f674a8-4976-5e2e-aac6-e887aafa8f7e", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06f4e834-c21a-5ca9-993c-8fbe009745c9", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6fe4904a-f42b-568b-9c32-b574822e6dce", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c35e58d-65bc-5dbb-9823-29016c4c7e5b", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb4d996e-5f6b-5a4b-a61f-5b277c453a22", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae88dcc9-e091-5505-8535-f8f3a522b644", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8563de57-9864-53ac-bdd6-493711811f94", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2aaab3f5-eb26-5763-9067-88a43fd290d9", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:30d0b185-4465-584c-a888-042c03cd30af", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a154d3ef-3830-5224-96b5-83570f23bfcb", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d828808-a360-594c-b0ec-905411d623f8", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7bd9922-2408-515f-8d83-2681f3426b78", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b9c1369-82fe-5a50-ab25-f7a8c8fb9944", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-test 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd64ac8b-5863-52d0-92fb-46bb3ad057c3", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-test 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d712d9c-7bf3-5aee-b545-b90e9a208235", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-test 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c0cc99b-6d13-506a-88d2-735be1597d9c", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41c4d086-e680-5a92-9cc0-94ea457acd9c", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4563852e-b163-5e6d-abe9-24a983df8e95", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ba7459f-e906-5320-b345-d6b509884799", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51081088-d8ab-5888-bcd1-fcb0f2fa5e00", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf9e9519-4c8b-5f07-8c1d-f80435110f83", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5505e3ad-fe82-56ec-9e1a-1a14468794f0", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:389352f7-7698-5b3c-86d4-4398466ac63e", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3e94b62-0ff9-5e47-bd16-4f6fced34484", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0042ebe0-5c3c-5bab-9491-2a70c17d9448", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0096c823-9306-5b89-b3d8-a6bd6871987d", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:231e4843-32e3-5619-b45f-5e971df2cf95", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8a3ec02-675c-5722-8b51-dbdf28ca99a7", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c2cd694-4938-51eb-9cef-70f7f9162612", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98f6f95f-c460-5897-8d09-0a33573ea045", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bcae2561-f3b6-58f3-9082-afe575be6091", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26e7325e-f4e8-52e4-bcc7-c1256d51fd7e", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19f82951-e157-5bf2-b228-2182e8451fde", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4382f223-b74f-5163-9379-cddf8ca09646", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b6a0701-3fab-52ee-978e-12aa5aa44cb5", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7aee2089-67d8-5011-bcd1-805ce9dd3155", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90f978a7-b1b6-52e4-88ed-d486a1e100c5", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-test 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a97f669-50b0-50b5-b057-a3003b6b53a7", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e49fa46-d565-5530-ac71-b194b0b5b02f", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b69b64f0-e4d1-54bd-8582-f7753627729d", "id": "CVE-2026-22740", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-22740 does not affect version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test. CVE-2026-22740 is a WebFlux-specific vulnerability (reactive multipart temp-file cleanup in org.springframework.http.codec.multipart.MultipartHttpMessageReader / PartGenerator). Spring Framework 3.1.1.RELEASE predates WebFlux entirely - the org.springframework.http.codec package does not exist in this version, and there is no reactive multipart code path. Per NVD, affected versions are 5.3.x, 6.1.x, 6.2.x, 7.0.x only; Spring 3.x is not in the affected range." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:724828ec-abf8-5fa9-bac5-bd021fedfb2d", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ecb37ac-1707-58f6-ac2e-934e1fcb20b1", "id": "CVE-2026-41842", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41842 does not affect version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test. not_affected \u2014 Spring Framework 3.1.1 is NOT affected by CVE-2026-41842. The vulnerability exists in content-based version strategies for static resource handling, a feature introduced in Spring Framework 4.1 (2014). Spring 3.1.1 (2011) predates this feature and contains no version removal logic in resource handling." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:576f9843-fbd0-54e6-9097-7cf9025fcb14", "id": "CVE-2026-41843", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41843 does not affect version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test. not_affected \u2014 Spring Framework 3.1.1.RELEASE is not affected by CVE-2026-41843. The vulnerability requires the content-based version strategy feature (VersionResourceResolver, AbstractVersionStrategy, etc.) which was introduced in Spring Framework 4.1+. This feature does not exist in version 3.1.1, making the attack chain impossible." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cb6ea5c-29ff-588a-a87f-9d1ab00ed65f", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a763034-16d3-5154-962e-afaf136c897b", "id": "CVE-2026-41845", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-41845 does not affect version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test. not_affected \u2014 Spring Framework 3.1.1.RELEASE (2012) predates the ECMAScript 6 specification (2015) that introduced template literal syntax. While the code lacks escaping for backtick (`) and dollar sign ($) characters in JavaScriptUtils.javaScriptEscape(), these unescaped characters cannot lead to arbitrary JavaScript code execution in the pre-ES6 JavaScript environment this version was designed for. The att..." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3127383-8172-5c37-8096-e35c43e12133", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e76e9a0-95e1-5f33-bd7d-cda52b15826a", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ceccd98-ab7e-5fd8-8a0b-a2722e9b0f77", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:484fc1c1-9d93-50eb-8602-8a436d8f7beb", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14c28bbd-fd38-5523-ba15-9091b67a1164", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69f84e9f-98b2-5132-b9ad-d3e6e4df98f6", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4afc1f1a-1be1-527d-961b-69b10ba04b07", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4ce90e7-547e-5043-94f2-3fb8a0e1d3f0", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-test@3.1.1.RELEASE-tuxcare.2" } ] }