{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e22315b4-c762-53ef-917f-8b1a6f789e1a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3", "type": "library", "group": "org.springframework", "name": "spring-expression", "version": "5.2.13.RELEASE-tuxcare.3", "purl": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ef5a48c5-9037-529d-ac4d-a309bdc41820", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10ba2043-06eb-5a4f-98e8-223bd9cc0053", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:663d0968-200f-501a-9f2a-8994d1f8df99", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:03d330ad-c6a3-5dbd-9ede-f14c58ffb783", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ca916bb8-3ab4-55b0-bcc7-407746d7c813", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be8102d8-f472-5334-83af-a22d1c3b041c", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb6b7602-b3a2-58a7-a70d-9c23ba1aca74", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37de91d2-7a7f-5136-9556-0596042f7f7b", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56970afc-621b-56aa-9aa3-3bc45e2ee93f", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0676f4fe-8dc0-5a78-8b77-a0b926e50feb", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:604ce68e-a337-5d99-b3dc-47e268f96cf6", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:86aa2006-9d8e-5daf-9728-ed6fef0c872b", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6d23287-ebc9-53ea-8b1b-9f3975211bfc", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c56a8281-18b7-5111-a2fe-2953aa6c203e", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b23ae9ff-03be-5de0-a689-5c3e9196e196", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a2b0a35c-2cac-51cf-b8c9-6f6e1affb9b1", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db8c6362-da2d-53ed-85d5-cc6c27803288", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e3452e1-ba77-5639-9c22-831f8f095022", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a50a66c9-b7f7-5bfd-b4f5-6ce951c982e2", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2a227f1f-785b-5b66-a19e-adec976809c6", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c4731ff-3479-5bd9-a651-a80a957b997e", "id": "CVE-2025-41234", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41234 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d5f91bb1-e3d8-5dff-b9aa-dcca67ce5baf", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10561750-5c3c-568a-b8b0-2133463956e7", "id": "CVE-2025-41254", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41254 is fixed in version 5.2.13.RELEASE-tuxcare.3 of org.springframework:spring-expression." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-expression@5.2.13.RELEASE-tuxcare.3" } ] }