{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d861f84d-6eb4-5cea-8543-97dd996437cc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-expression", "version": "3.0.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ec3acc85-ab4c-52b9-b33d-f1d5aeaec07a", "id": "CVE-2011-2730", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2730 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fdbd6d66-8c2d-53b7-bade-9c4d0b1302c7", "id": "CVE-2011-2894", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2011-2894 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55cf3e12-739f-5ee4-bf94-1af68aa21a14", "id": "CVE-2013-4152", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4152 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ecc9490-0b7d-5da2-ae90-8c85e7ef436e", "id": "CVE-2013-6429", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6429 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca739fef-c5a2-557b-8064-e4e389809c3f", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7707c8b0-b762-514c-991b-b363880b3c45", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e304d3c5-0cb2-556c-b62e-b9c2dc035806", "id": "CVE-2014-0054", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0054 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94e9d9ee-b874-58b4-b9c1-3a69f1eb8b4e", "id": "CVE-2014-0225", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0225 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:86457ab4-962f-5a0b-b35f-f86fad69ea6c", "id": "CVE-2014-1904", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-1904 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94a4f750-5444-537d-a984-f090098af296", "id": "CVE-2014-3578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-3578 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:129187c0-2e4d-5187-85b5-fae073cb536c", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73232ddd-c8a4-5cc9-afd9-26ecca4d8ae5", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e884274-a323-5b99-8843-3bec346f51c5", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23b33333-2111-5346-8321-2b877059a719", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b81f0621-5755-5392-b296-61a72737becb", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1abbf7fa-8c8c-5b6d-8ff3-29b1fd5a6167", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15f81528-1fc5-5a9a-bfcc-75371fdf3483", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d89e53bb-1649-57ce-91c2-2a6f658449fd", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41929438-86a7-520e-9e24-c2d12de71d45", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3d904d3-a06c-5c67-8068-38aba62aa7e3", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e057ad2-451e-5658-8b9c-6b4bcf6f337f", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4945fe11-d393-5f50-9428-f8f93a0fd505", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90ee630d-2d4a-500d-a9d9-483404c34455", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f666de75-3705-51e0-b3f3-0b4a9a295634", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8259a4bb-1852-5caa-9deb-1fb10fdd7f88", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ccb32be-060c-57d0-be53-995a2b3e825d", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c87f5c75-afa2-5f12-8a55-a5892a17cc5b", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1cf168c1-5ecd-5463-9005-c41d3f1380c1", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:551bf336-24ae-5b37-8b37-1c302d1650cd", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1fb95072-fca9-5573-a7c4-354aaffa7c24", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e291606-d8bc-5dcf-81ec-1ee60e7090bf", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29f2cc4f-2919-567e-be14-8bc3d8522975", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d269dce-1db6-5f5f-a889-862253ff8652", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9015cb84-17f0-550b-a0f0-48e3208e9214", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a7936b5-8e7d-5966-89cd-6d83767f8492", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc9eddc0-49e6-5556-882d-b8b4f5f18df7", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45ab005e-3434-5081-93fc-5b0d3d4f9cd0", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22cfa744-b85d-5089-a2f7-fe27e1c10078", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5bfb1e5-8d4d-5d08-be9f-e4d696bc48cc", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7c8dd51-096c-5850-8a4b-0271a37c8219", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.2" } ] }