{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:61593c4a-90bd-5965-ad7e-409b1ea7db03", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-expression", "version": "3.1.1.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3e66bb86-6c00-5701-ac7b-d9cc7a171217", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd69ebd1-64d3-52f4-92c0-dd63c66975b6", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42807647-6e19-5cce-8a77-1db46ade439c", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4089dae1-961c-5194-810f-9420266301e5", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5124c9e3-fcea-5c63-b167-79ef407bded2", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83d4e680-4438-5f42-a941-c8efb7743230", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c6854c4-e88e-5522-aba9-c75a810dc4d0", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17795553-fe1e-5f34-9f1c-2b5bf87d1258", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:359919a5-af54-5a02-9ce8-417e1d6b2dc1", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a985e26f-68b7-5160-bc7f-ac61157296f6", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f94f12b-44e0-555c-8175-5dbf0897002d", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6e1ac07-afe6-5ecc-86bc-d62d1f33cd91", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0bce86ec-788f-5a97-8d99-e9c41dc3dcd2", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7cbda7e4-33da-547c-a4b3-e2129d644df4", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:708f8dd3-d94b-5087-9e79-25d6acd6b0e5", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9dee64c5-347b-5d42-a7d5-8821bbad079f", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-expression 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5379481-3405-5ab3-a9a4-24bc4c76e953", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-expression 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57f3c76c-a762-5d8a-8b41-48d053f8cc99", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-expression 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19ebfd53-aaf4-5fed-af71-e7b513d014a8", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5fb9d02a-e25b-5f7b-9c57-7837b138c18b", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e67d87b-ff4b-5563-a64b-3a17aee8fe32", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2cb3cd78-f811-5a50-97b6-4df01d9ab366", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9429169a-c9b9-5eaa-9403-e663b6137292", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c754463-5aef-5688-8cf9-d65509a4d499", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed4bccc1-8106-5390-9c72-fd94d6ff9372", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5daead47-3af1-5a46-8320-bc8e78ec4826", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9fc038cf-e10f-5e20-9ae0-e244af72d066", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b197068-d0a7-5e23-b3cb-278a072341a1", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:475d2ed6-ad2b-5243-83b8-344d677b57f8", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b03ca965-fbf1-5ccd-8bc7-a15b7fa9ac8b", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c8ad846-5631-5237-a779-cd7558155277", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf137e38-9806-5b3a-8776-4b501ca868d1", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00cde4bd-ebdf-5f88-a967-4cd6c4622399", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d208b7a-5b78-5f27-b175-8313116b9c38", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e1af365-5a70-565a-8059-9ccf41f85274", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1229eb21-89bd-5c3a-a259-12a53b1db1c1", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f138d05c-ac0f-569c-afeb-ce24fdd33ad5", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d863809-86e8-5d10-a527-4544c4d64e0d", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f7471e4-40b8-5579-9f04-80b160d5e2eb", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:54e09170-f828-5e09-8eed-f5fd12002ac8", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-expression 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d187348-7daf-52ca-942f-04d5de4b77ae", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44468e07-95f8-57e9-a3e7-79eb03369362", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba7c91c6-9099-5c37-b511-e9b1f584dbdf", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.2" } ] }