{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:faa79c22-76ad-5dd0-92a4-430198bb6d86", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11", "type": "library", "group": "org.springframework", "name": "spring-test", "version": "5.3.39-tuxcare.11", "purl": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4de47373-a33a-5e5f-934a-79b53a4ac6c7", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.39-tuxcare.11 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:caf6b97e-1154-5314-94f6-0185c75d047b", "id": "CVE-2022-22968", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2022-22968 does not affect version 5.3.39-tuxcare.11 of org.springframework:spring-test. Spring version 5.3.39 is not affected to CVE-2022-22968 as fix has been already already backported by the original developers" }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:93a96b32-934d-53fb-a360-4d0279016f3b", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:af02eee4-91e2-5370-a3b1-da98aa77958d", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:ceec6f6e-2fd8-5815-84ad-8db643cf075e", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:57526bdb-9bac-5f44-8183-3657cc9cd1c9", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:0ed8133a-c522-580e-a987-e2e65c011c16", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:906334c9-ba7f-5442-842c-8d485d87de72", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-test 5.3.39-tuxcare.11." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:c682a121-6049-559e-8fab-099419f7c901", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:59031b97-1893-56bc-be73-a6859a39b867", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:e50f5c97-766e-5a00-b93a-c22f7f316313", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:8181cffd-6d44-5603-9b74-2534510aef07", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.39-tuxcare.11 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:e7cb16ce-d415-56ee-bc22-0730eee30ae1", "id": "CVE-2026-22737", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22737 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:22541242-0303-5619-a1f9-d9b1abdbcbf3", "id": "CVE-2026-22740", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22740 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:25a22ebb-0a87-5da6-a638-aa554040affd", "id": "CVE-2026-22741", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22741 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }, { "bom-ref": "urn:uuid:5d65f3b5-2091-59da-8d50-f517d78194be", "id": "CVE-2026-22745", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22745 is fixed in version 5.3.39-tuxcare.11 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.39-tuxcare.11" } ] }