{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:80d3b27e-2a2d-5df2-bb6e-2215f454920e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-expression", "version": "5.1.5.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:be087175-1f4d-5aee-8128-fb5b55dd074d", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0409426-7ceb-5949-a9b7-ed3a932839f1", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7d54b07-d892-5fce-92b4-c8b36792ebae", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9011a46e-863b-50db-902c-23c0a76442c6", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea6eb5ea-6aae-5f92-9453-6fe34436ee37", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3579458-f83e-543b-a0d1-ee2ba977dcdb", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:402f04fc-2e2e-56fd-bb0f-9448e324cfd0", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:90e2b277-c206-506a-8da0-8388ffc25090", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:872011eb-ba63-598d-9625-b987f050c608", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81ffbb77-3702-5ad3-afa3-d702ed0cf370", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a67b6839-e81c-5c58-9b41-96de2d096ec3", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd9abc81-c711-5e3c-8fcf-f8cfdf523c23", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7dfffa65-436b-509a-af53-69674e657e8b", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:743c2f7f-2b20-514f-b6b5-e4a66776b89a", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:60a0acee-1ecb-593c-b3ec-cf7acbb1a808", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2695f0f-cc0f-57fd-a9d4-6760527c3026", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d6184b9-ee2f-5013-890f-195857d624ef", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-expression 5.1.5.RELEASE-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ebee0be8-2d54-531f-a6c4-3fb01a3f7171", "id": "CVE-2024-38816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38816 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37d605a8-7cdd-5d96-aafa-a232b411659c", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:08e58dcf-d171-5cfd-9588-777d4ca416d4", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5accb4df-f16a-50d2-b8fb-0e663fec9742", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23f35650-6879-59bf-84ee-133d62b50b2d", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27fb81c8-3b89-57fb-a2ad-2f621e263f9f", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:042d6cb2-5691-500c-82a9-23e3d6a0dcf1", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:808324ae-4e50-57be-a59b-ccaf0403e87a", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5075da0a-6514-5e9c-b4e8-8c472d395ae9", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8fae0166-d5ce-5e3c-a686-43fc1a0d8559", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:05d43550-e640-5ff6-b203-17342a3d4d10", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66c0a07a-4e54-57d0-b014-fc29b70e3bff", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0f968f8-3ce2-51d0-8910-0f3b6b2f8327", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f784e1ca-bc28-5883-a4bf-c456cc5bb06f", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1dac3854-88d6-522b-98e2-d65b2cfd3062", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6c63f164-1ed6-5c40-8731-33b9e97cb96f", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:48a3c854-00d3-5d27-80f8-05a2673fa790", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:088f76a0-7b8c-5c70-a7f3-574869f1b62a", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72ad266c-820e-55fb-976d-688cc9efd96f", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e17ef462-0a5d-5484-ac8c-8b9fb4620869", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:850d5834-bc42-54b3-9265-52e1f5626e3d", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:00d75166-cb9b-5dd4-b1a4-f8865d7fb586", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b795c273-aef1-5627-be41-ffcca4faf654", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a591a75-3a53-5c1a-b3a9-507ca45f4faf", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38df433d-8db5-5741-90fc-a68a1c091924", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:812f166f-a275-5ab5-804f-30a5dfbb3f0d", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:39d701c5-650d-5d6d-a312-c7bdfa7f2b18", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3ebb4412-1380-5415-88a0-a773ff69780a", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2651b98a-e029-5851-a209-ff715ccbbed8", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.1.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.1.5.RELEASE-tuxcare.3" } ] }