{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:90004e40-dd7e-5077-8410-b3bc156e4b4f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-test", "version": "5.3.7-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7ec1d86a-c6e3-51e3-b50f-3650ca5f4d80", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca8475cc-3aad-5ebf-9765-17636069f466", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0cd5707-0fe3-5e0c-8b40-5db78bdc6f75", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3b776af-ffc3-5a96-983a-a712b2c1f4cf", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:697533f0-a923-5f0b-90c7-eb4c7387624a", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c246265-6a11-5b20-96da-9caf50cf58d1", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69310950-c08a-55e4-89c4-832f9e55bbac", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:683fd02c-1698-5477-b71b-70a28f7fd4b3", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f55d1a38-3daf-5c5a-96d3-8476d57e7992", "id": "CVE-2023-20860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20860 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59096de4-8925-529f-9a32-a163fd44994c", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c485229-ff28-5516-ba1b-7bafc8c17380", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:30c6670d-9c38-56b6-af21-abaf1765a6af", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76e2702e-6d10-5f59-b068-ec01c57e1181", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7dda8946-90b2-5032-9019-68818ea7d085", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38b809a4-238e-587c-acac-4b967fb673db", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:325feed7-284b-5fcc-9398-0faa83a6f7ff", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:03c91554-1846-5325-b9b3-d8d332278ccc", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c18221f9-b643-5ef3-ae9a-df641ef6ebc2", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a7a2c12-69d7-5301-838f-c78843ab13d0", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10d799e1-229c-5140-a0c9-7982abf4a4e3", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee5e703c-887b-59fa-8e8e-3329210673c1", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b6616cb-3ace-54ab-9225-692a16ff63b6", "id": "CVE-2025-41234", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41234 is a false positive for org.springframework:spring-test 5.3.7-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:242639fd-0f8d-50df-a7ee-76591b358615", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47c927d6-46d5-50ff-8c31-b315c8678f20", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f269c1e-5e99-563b-bd2b-9ddefb2a06d3", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62085893-58ba-5616-815c-911623056ccf", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da011f4b-d3da-504e-846c-5c51a55662a6", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.7-tuxcare.2 of org.springframework:spring-test." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-test@5.3.7-tuxcare.2" } ] }