{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:17984bdf-72b9-5194-8615-6bd422a3ec7f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-expression", "version": "3.0.5.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:827c949a-1ff5-551a-9097-b7796c56c8f3", "id": "CVE-2011-2730", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2730 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3c3a6d25-d83f-58bf-b479-ca3eb1de0137", "id": "CVE-2011-2894", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2011-2894 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:69c7a876-030c-587a-a228-c5df916b9f4d", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2fc01bfb-ce27-5f6a-b990-5e92b2e2ed1b", "id": "CVE-2013-6429", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6429 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed2b7ec1-6d66-584e-b413-6e6d4f36f85f", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:90f42633-91fa-52f0-9020-a4831c985ce4", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dfe49741-60f4-553c-a3d7-850257c622f8", "id": "CVE-2014-0054", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0054 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d5fb2a78-d474-53b7-9089-f72fd20d5053", "id": "CVE-2014-0225", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0225 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1cbe5048-102a-58b1-a08f-536c460e5407", "id": "CVE-2014-1904", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-1904 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a5a75693-a6db-517e-9833-0db5ef8883ec", "id": "CVE-2014-3578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-3578 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3204ac0e-0e27-5bb3-afd5-3f6c73108841", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d3602701-6c57-58b2-ada7-ffc0bb9368cc", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:85b20a1e-4de2-5f0c-8d36-ffad0527828c", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7e98c6c-973a-5e4c-8d3b-7ab2ad53207e", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:239bb61f-3fbd-525d-8298-da703475a5fc", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81179512-b76c-5be1-ac6a-12b90e0c06c1", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e61a011a-c4ce-5f24-8ec6-83c3263c16ee", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56d2919b-b490-5a84-a10e-328b76ac3694", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7807c591-d7eb-5f55-8770-70f3596f3b09", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d545b156-190b-5a31-a5a2-bb019e9266a7", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2c9b9127-c6cb-59da-b416-31bc4ac0b664", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ffca7309-0d33-5039-a326-a23ccbed7c55", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db63d35f-78b6-5799-a324-3ffac34b691f", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0dce7046-17d4-5c8a-a38a-bb2958d36a49", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:788d6288-edb8-5f14-acbe-3dbdeee9f628", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd49af0d-b054-5c9f-9d72-a07358a7bc40", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c0385dc8-b3fb-524a-a8f4-8eb0b8ce79b8", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7985767d-2808-5038-b803-31dbc68f221f", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:546f06aa-0aab-52a7-9753-50d02137712d", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1e81e4c8-9b85-5dba-92dd-dd019b90972f", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:615f04e7-34d1-58d0-a916-fbdcd634235b", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f01c4019-8dd6-5520-93bf-d026c454050e", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c90bcb82-9fc6-5f8d-ae67-2f86cab42b02", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a57133c4-3983-53b9-8a3b-f2afc5ef48dc", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a92bc97c-9f94-5664-b159-f6d5ac5b3c40", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe6e31a0-aefe-5ee6-bfb8-ac8160ae4bf3", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8105a5d-6501-50a1-9da2-3fa82484fc50", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dbf31882-ab91-51d0-91b9-79fc961c0e8c", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ec88cdf-aa81-5275-a190-188e489fc2af", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c14cc03d-f5d1-5e74-826b-d0220061c60a", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.0.5.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.0.5.RELEASE-tuxcare.3" } ] }