{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:08d6bcda-69e4-594a-aac9-99d63ddd537c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-expression", "version": "3.1.1.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:59fc3709-8c14-5ccf-8250-b728cbd871fa", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:903a13d7-09bd-5c9b-8b5b-47062253cb36", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1567b2dc-1142-5125-84ee-d517b8cc9c65", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dccd0396-0e7f-5df0-9312-27759738ab6d", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4a8789e-6370-5d27-bc9b-e18dae165acc", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf081e35-ed60-5ffb-8d0f-44e6d2569071", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:559e8cdb-4feb-50e2-b965-296034971944", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:964fbf7d-a551-5766-b1b4-184cd08d9267", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa722f54-aeb3-5f39-91fa-10b2dde9cc54", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdb1f0a0-a65d-5b43-846d-b80ca82f1341", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb4cceff-c868-54d7-b5bb-dd279e889718", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee25f198-4523-55b0-9606-6959c47f17ec", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e76a5015-340a-5f8a-bb5a-eaf5ced18bee", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e173efd8-2e9d-51e9-82ea-88df0e1d5229", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b4375cd-236f-58b4-9919-534d662f284f", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55027578-89bf-5f07-89c9-96e264f03d3a", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-expression 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c42f65b-a434-5d49-96bd-936b7f2a132d", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-expression 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:723a1470-9844-501e-aa3f-6c4f850c7269", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-expression 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79cf1308-cf90-5c96-8c2d-49ccb469e036", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c54c3bfe-b470-5d8d-a667-bb523165e0bd", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc336782-5173-5e41-b8a7-066d52d2ed31", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9af40127-aaae-512e-bbcf-62d6023209ac", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d442c8d-3c4c-52a4-b4e4-f675b2d193f6", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe8d5a35-4539-5352-b41f-7100acd3835e", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:561b17d1-9ac3-5fb6-a29c-622586d97851", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79a57e4b-d77f-5b1d-b777-a5d25153147a", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8bd54509-1cf7-5b8e-9130-8b66b05124af", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fd7b964-aa01-5d1e-94fc-7f44a1e7ab8a", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:222648ec-91b8-5b14-b49f-0ca18b66e71d", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf0f8b9f-d9b2-59e5-9c6d-5589c35999c2", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca6b3599-14e6-59c7-aa77-b7d9b2928769", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7be41609-8b7f-5587-a0ac-3bee7339ef7d", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:409d60a6-36c8-5685-8b95-4dfa0d740a6a", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32b25331-37b2-562e-89dc-2907dc1cebaf", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6496823b-74da-535c-b169-89fe08eec3b4", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e612608-9d9f-5c7b-9449-2a7e3541b0d0", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:faa7ce2c-c8fb-5127-adb3-71d6452c6493", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d4f0eb0-7203-549a-99d7-608bfbdd4a14", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2281559d-7970-5913-b9d1-f403bc62b62d", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03bfe15f-103d-5212-89f6-3c36dedda243", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-expression 3.1.1.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a037462-7662-50bf-98d4-07f2ecdc25d6", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24b8da1f-de2d-51ad-9450-ce74b81c308e", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.1 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-expression@3.1.1.RELEASE-tuxcare.1" } ] }