{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:172fa10c-ba9e-5226-a82b-db3333519941", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-expression", "version": "3.0.5.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2f02f9f4-07b8-56f3-9688-fb2088f27137", "id": "CVE-2011-2730", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2730 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f791718c-537f-5473-a586-a61fb8e4ff4f", "id": "CVE-2011-2894", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2894 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7286794-87bb-547d-91d8-1c67ea597ceb", "id": "CVE-2013-4152", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4152 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c8ad6c5-19aa-5fea-970d-8e2cfcd96291", "id": "CVE-2013-6429", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6429 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78620a9b-099e-5c15-b435-7df7c75f1528", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8735d6c5-bbf3-5ba5-a397-5c4c42fb788b", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb83c509-6932-5ded-8bb2-df330467a629", "id": "CVE-2014-0054", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0054 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfea75b2-923b-5794-92ed-40828b8d0928", "id": "CVE-2014-0225", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0225 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5159d87d-7f8e-5a74-811e-b343bb715dc3", "id": "CVE-2014-1904", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-1904 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:faaf4c84-60fc-554e-a5b2-32dfb2d6700a", "id": "CVE-2014-3578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-3578 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5cb086b-cd1b-532f-b8b7-e50c15c166d8", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9c5027f-78da-5aa3-ab2a-6eeace351012", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72fe4f08-8ead-51df-8302-c771e8ddfaef", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:528f83f2-24b8-544e-93c4-6f1e4e69572f", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67b93d77-2e51-50ef-85e7-a820a3e5976e", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0ddb6eb-b7a7-543d-a3f6-a5ab9f1ccfc4", "id": "CVE-2016-9878", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-9878 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e9cf83f-2d44-5c24-b22f-eb9756d7e157", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b0cba83-cc02-5b3b-8e5d-a6a1c18b3248", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64bb3222-3c73-52f5-ae73-26912aea9b49", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf17086a-4e0b-5030-9413-a903c6f57611", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:475771ff-22de-5955-81e4-f0d698316d68", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ee28bec-00fd-5076-8b1a-4f098c7c95f1", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1796010a-f101-5e39-9f27-edfb8894d5d0", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d08fa43-029f-5748-a762-258823ef339f", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9838e5a8-a774-5fdb-b1af-3574f3fb0af0", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7310e1d-218f-507a-a9c3-de1a4a7426a3", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4023c60-ff7f-525d-a1e7-dcaa7c58976e", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61544f10-3a9e-530b-bee9-e384a6488523", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6dbcd51-1fc1-589c-ab62-56af6ec3da4b", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6bf6558-0a2e-5fa9-b8de-6cf136a0257e", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbc2a0be-454e-516e-b569-c84c4438fbe1", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a130d236-58d3-55a0-9fb1-7a5e58c779c8", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e6f4a64-7ede-5201-842a-02e7297664fe", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:335d115a-6978-598c-8192-3c6d7c786f30", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e91abf2-7616-5d56-b6d7-79fc87a27f3a", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48495ee4-64d2-52df-abd9-c045d92e932f", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:175f4043-462b-5a75-bb07-37dcf96831e5", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99a9baea-a51c-5702-8109-01f1314d25a1", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3604a9c-3c49-5f54-9f35-ed66d10bca8d", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1cb67c75-4e81-5c3f-9672-c8ac4ae8612a", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.0.5.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.1" } ] }