{"package":"org.springframework:spring-expression","ecosystem":"maven","latest_version":"7.0.0-M6","description":"Spring Expression Language (SpEL)","license":"Apache-2.0","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://github.com/spring-projects/spring-framework","repository":"https://github.com/spring-projects/spring-framework","downloads_weekly":551061,"health":{"score":63,"risk":"moderate","breakdown":{"maintenance":10,"popularity":14,"security":14,"maturity":15,"community":10},"deprecated":false,"max_score":100},"vulnerabilities":{"count":4,"critical":0,"high":1,"medium":3,"low":0,"details":[{"vuln_id":"CVE-2022-22950","severity":"medium","summary":"Allocation of Resources Without Limits or Throttling in Spring Framework","affected_versions":">=5.3.0,<5.3.17|<5.2.20.RELEASE|=5.3.0|=5.3.1|=5.3.10|=5.3.11|=5.3.12|=5.3.13|=5.3.14|=5.3.15|=5.3.16|=5.3.2|=5.3.3|=5.3.4|=5.3.5|=5.3.6|=5.3.7|=5.3.8|=5.3.9|=3.0.0.RELEASE|=3.0.1.RELEASE|=3.0.2.RELEASE|=3.0.3.RELEASE|=3.0.4.RELEASE|=3.0.5.RELEASE|=3.0.6.RELEASE|=3.0.7.RELEASE|=3.1.0.RELEASE|=3.1.1.RELEASE|=3.1.2.RELEASE|=3.1.3.RELEASE|=3.1.4.RELEASE|=3.2.0.RELEASE|=3.2.1.RELEASE|=3.2.10.RELEASE|=3.2.11.RELEASE|=3.2.12.RELEASE|=3.2.13.RELEASE|=3.2.14.RELEASE|=3.2.15.RELEASE|=3.2.16.RELEASE|=3.2.17.RELEASE|=3.2.18.RELEASE|=3.2.2.RELEASE|=3.2.3.RELEASE|=3.2.4.RELEASE|=3.2.5.RELEASE|=3.2.6.RELEASE|=3.2.7.RELEASE|=3.2.8.RELEASE|=3.2.9.RELEASE|=4.0.0.RELEASE|=4.0.1.RELEASE|=4.0.2.RELEASE|=4.0.3.RELEASE|=4.0.4.RELEASE|=4.0.5.RELEASE|=4.0.6.RELEASE|=4.0.7.RELEASE|=4.0.8.RELEASE|=4.0.9.RELEASE|=4.1.0.RELEASE|=4.1.1.RELEASE|=4.1.2.RELEASE|=4.1.3.RELEASE|=4.1.4.RELEASE|=4.1.5.RELEASE|=4.1.6.RELEASE|=4.1.7.RELEASE|=4.1.8.RELEASE|=4.1.9.RELEASE|=4.2.0.RELEASE|=4.2.1.RELEASE|=4.2.2.RELEASE|=4.2.3.RELEASE|=4.2.4.RELEASE|=4.2.5.RELEASE|=4.2.6.RELEASE|=4.2.7.RELEASE|=4.2.8.RELEASE|=4.2.9.RELEASE|=4.3.0.RELEASE|=4.3.1.RELEASE|=4.3.10.RELEASE|=4.3.11.RELEASE|=4.3.12.RELEASE|=4.3.13.RELEASE|=4.3.14.RELEASE|=4.3.15.RELEASE|=4.3.16.RELEASE|=4.3.17.RELEASE|=4.3.18.RELEASE|=4.3.19.RELEASE|=4.3.2.RELEASE|=4.3.20.RELEASE|=4.3.21.RELEASE|=4.3.22.RELEASE|=4.3.23.RELEASE|=4.3.24.RELEASE|=4.3.25.RELEASE|=4.3.26.RELEASE|=4.3.27.RELEASE|=4.3.28.RELEASE|=4.3.29.RELEASE|=4.3.3.RELEASE|=4.3.30.RELEASE|=4.3.4.RELEASE|=4.3.5.RELEASE|=4.3.6.RELEASE|=4.3.7.RELEASE|=4.3.8.RELEASE|=4.3.9.RELEASE|=5.0.0.RELEASE|=5.0.1.RELEASE|=5.0.10.RELEASE|=5.0.11.RELEASE|=5.0.12.RELEASE|=5.0.13.RELEASE|=5.0.14.RELEASE|=5.0.15.RELEASE|=5.0.16.RELEASE|=5.0.17.RELEASE|=5.0.18.RELEASE|=5.0.19.RELEASE|=5.0.2.RELEASE|=5.0.20.RELEASE|=5.0.3.RELEASE|=5.0.4.RELEASE|=5.0.5.RELEASE|=5.0.6.RELEASE|=5.0.7.RELEASE|=5.0.8.RELEASE|=5.0.9.RELEASE|=5.1.0.RELEASE|=5.1.1.RELEASE|=5.1.10.RELEASE|=5.1.11.RELEASE|=5.1.12.RELEASE|=5.1.13.RELEASE|=5.1.14.RELEASE|=5.1.15.RELEASE|=5.1.16.RELEASE|=5.1.17.RELEASE|=5.1.18.RELEASE|=5.1.19.RELEASE|=5.1.2.RELEASE|=5.1.20.RELEASE|=5.1.3.RELEASE|=5.1.4.RELEASE|=5.1.5.RELEASE|=5.1.6.RELEASE|=5.1.7.RELEASE|=5.1.8.RELEASE|=5.1.9.RELEASE|=5.2.0.RELEASE|=5.2.1.RELEASE|=5.2.10.RELEASE|=5.2.11.RELEASE|=5.2.12.RELEASE|=5.2.13.RELEASE|=5.2.14.RELEASE|=5.2.15.RELEASE|=5.2.16.RELEASE|=5.2.17.RELEASE|=5.2.18.RELEASE|=5.2.19.RELEASE|=5.2.2.RELEASE|=5.2.3.RELEASE|=5.2.4.RELEASE|=5.2.5.RELEASE|=5.2.6.RELEASE|=5.2.7.RELEASE|=5.2.8.RELEASE|=5.2.9.RELEASE","fixed_version":"5.2.20.RELEASE","source":"osv","published_at":"2022-04-03T00:01:00Z","in_kev":false,"epss_prob":0.04122,"epss_percentile":0.88663,"threat_tier":"theoretical"},{"vuln_id":"CVE-2023-20861","severity":"medium","summary":"Spring Framework vulnerable to denial of service via specially crafted SpEL expression","affected_versions":">=6.0.0,<6.0.7|>=5.3.0,<5.3.26|<5.2.23.RELEASE|=6.0.0|=6.0.1|=6.0.2|=6.0.3|=6.0.4|=6.0.5|=6.0.6|=5.3.0|=5.3.1|=5.3.10|=5.3.11|=5.3.12|=5.3.13|=5.3.14|=5.3.15|=5.3.16|=5.3.17|=5.3.18|=5.3.19|=5.3.2|=5.3.20|=5.3.21|=5.3.22|=5.3.23|=5.3.24|=5.3.25|=5.3.3|=5.3.4|=5.3.5|=5.3.6|=5.3.7|=5.3.8|=5.3.9|=3.0.0.RELEASE|=3.0.1.RELEASE|=3.0.2.RELEASE|=3.0.3.RELEASE|=3.0.4.RELEASE|=3.0.5.RELEASE|=3.0.6.RELEASE|=3.0.7.RELEASE|=3.1.0.RELEASE|=3.1.1.RELEASE|=3.1.2.RELEASE|=3.1.3.RELEASE|=3.1.4.RELEASE|=3.2.0.RELEASE|=3.2.1.RELEASE|=3.2.10.RELEASE|=3.2.11.RELEASE|=3.2.12.RELEASE|=3.2.13.RELEASE|=3.2.14.RELEASE|=3.2.15.RELEASE|=3.2.16.RELEASE|=3.2.17.RELEASE|=3.2.18.RELEASE|=3.2.2.RELEASE|=3.2.3.RELEASE|=3.2.4.RELEASE|=3.2.5.RELEASE|=3.2.6.RELEASE|=3.2.7.RELEASE|=3.2.8.RELEASE|=3.2.9.RELEASE|=4.0.0.RELEASE|=4.0.1.RELEASE|=4.0.2.RELEASE|=4.0.3.RELEASE|=4.0.4.RELEASE|=4.0.5.RELEASE|=4.0.6.RELEASE|=4.0.7.RELEASE|=4.0.8.RELEASE|=4.0.9.RELEASE|=4.1.0.RELEASE|=4.1.1.RELEASE|=4.1.2.RELEASE|=4.1.3.RELEASE|=4.1.4.RELEASE|=4.1.5.RELEASE|=4.1.6.RELEASE|=4.1.7.RELEASE|=4.1.8.RELEASE|=4.1.9.RELEASE|=4.2.0.RELEASE|=4.2.1.RELEASE|=4.2.2.RELEASE|=4.2.3.RELEASE|=4.2.4.RELEASE|=4.2.5.RELEASE|=4.2.6.RELEASE|=4.2.7.RELEASE|=4.2.8.RELEASE|=4.2.9.RELEASE|=4.3.0.RELEASE|=4.3.1.RELEASE|=4.3.10.RELEASE|=4.3.11.RELEASE|=4.3.12.RELEASE|=4.3.13.RELEASE|=4.3.14.RELEASE|=4.3.15.RELEASE|=4.3.16.RELEASE|=4.3.17.RELEASE|=4.3.18.RELEASE|=4.3.19.RELEASE|=4.3.2.RELEASE|=4.3.20.RELEASE|=4.3.21.RELEASE|=4.3.22.RELEASE|=4.3.23.RELEASE|=4.3.24.RELEASE|=4.3.25.RELEASE|=4.3.26.RELEASE|=4.3.27.RELEASE|=4.3.28.RELEASE|=4.3.29.RELEASE|=4.3.3.RELEASE|=4.3.30.RELEASE|=4.3.4.RELEASE|=4.3.5.RELEASE|=4.3.6.RELEASE|=4.3.7.RELEASE|=4.3.8.RELEASE|=4.3.9.RELEASE|=5.0.0.RELEASE|=5.0.1.RELEASE|=5.0.10.RELEASE|=5.0.11.RELEASE|=5.0.12.RELEASE|=5.0.13.RELEASE|=5.0.14.RELEASE|=5.0.15.RELEASE|=5.0.16.RELEASE|=5.0.17.RELEASE|=5.0.18.RELEASE|=5.0.19.RELEASE|=5.0.2.RELEASE|=5.0.20.RELEASE|=5.0.3.RELEASE|=5.0.4.RELEASE|=5.0.5.RELEASE|=5.0.6.RELEASE|=5.0.7.RELEASE|=5.0.8.RELEASE|=5.0.9.RELEASE|=5.1.0.RELEASE|=5.1.1.RELEASE|=5.1.10.RELEASE|=5.1.11.RELEASE|=5.1.12.RELEASE|=5.1.13.RELEASE|=5.1.14.RELEASE|=5.1.15.RELEASE|=5.1.16.RELEASE|=5.1.17.RELEASE|=5.1.18.RELEASE|=5.1.19.RELEASE|=5.1.2.RELEASE|=5.1.20.RELEASE|=5.1.3.RELEASE|=5.1.4.RELEASE|=5.1.5.RELEASE|=5.1.6.RELEASE|=5.1.7.RELEASE|=5.1.8.RELEASE|=5.1.9.RELEASE|=5.2.0.RELEASE|=5.2.1.RELEASE|=5.2.10.RELEASE|=5.2.11.RELEASE|=5.2.12.RELEASE|=5.2.13.RELEASE|=5.2.14.RELEASE|=5.2.15.RELEASE|=5.2.16.RELEASE|=5.2.17.RELEASE|=5.2.18.RELEASE|=5.2.19.RELEASE|=5.2.2.RELEASE|=5.2.20.RELEASE|=5.2.21.RELEASE|=5.2.22.RELEASE|=5.2.3.RELEASE|=5.2.4.RELEASE|=5.2.5.RELEASE|=5.2.6.RELEASE|=5.2.7.RELEASE|=5.2.8.RELEASE|=5.2.9.RELEASE","fixed_version":"5.2.23.RELEASE","source":"osv","published_at":"2023-03-23T21:30:19Z","in_kev":false,"epss_prob":0.00409,"epss_percentile":0.61269,"threat_tier":"theoretical"},{"vuln_id":"CVE-2024-38808","severity":"medium","summary":"Spring Framework vulnerable to Denial of Service","affected_versions":"<5.3.39|=3.0.0.RELEASE|=3.0.1.RELEASE|=3.0.2.RELEASE|=3.0.3.RELEASE|=3.0.4.RELEASE|=3.0.5.RELEASE|=3.0.6.RELEASE|=3.0.7.RELEASE|=3.1.0.RELEASE|=3.1.1.RELEASE|=3.1.2.RELEASE|=3.1.3.RELEASE|=3.1.4.RELEASE|=3.2.0.RELEASE|=3.2.1.RELEASE|=3.2.10.RELEASE|=3.2.11.RELEASE|=3.2.12.RELEASE|=3.2.13.RELEASE|=3.2.14.RELEASE|=3.2.15.RELEASE|=3.2.16.RELEASE|=3.2.17.RELEASE|=3.2.18.RELEASE|=3.2.2.RELEASE|=3.2.3.RELEASE|=3.2.4.RELEASE|=3.2.5.RELEASE|=3.2.6.RELEASE|=3.2.7.RELEASE|=3.2.8.RELEASE|=3.2.9.RELEASE|=4.0.0.RELEASE|=4.0.1.RELEASE|=4.0.2.RELEASE|=4.0.3.RELEASE|=4.0.4.RELEASE|=4.0.5.RELEASE|=4.0.6.RELEASE|=4.0.7.RELEASE|=4.0.8.RELEASE|=4.0.9.RELEASE|=4.1.0.RELEASE|=4.1.1.RELEASE|=4.1.2.RELEASE|=4.1.3.RELEASE|=4.1.4.RELEASE|=4.1.5.RELEASE|=4.1.6.RELEASE|=4.1.7.RELEASE|=4.1.8.RELEASE|=4.1.9.RELEASE|=4.2.0.RELEASE|=4.2.1.RELEASE|=4.2.2.RELEASE|=4.2.3.RELEASE|=4.2.4.RELEASE|=4.2.5.RELEASE|=4.2.6.RELEASE|=4.2.7.RELEASE|=4.2.8.RELEASE|=4.2.9.RELEASE|=4.3.0.RELEASE|=4.3.1.RELEASE|=4.3.10.RELEASE|=4.3.11.RELEASE|=4.3.12.RELEASE|=4.3.13.RELEASE|=4.3.14.RELEASE|=4.3.15.RELEASE|=4.3.16.RELEASE|=4.3.17.RELEASE|=4.3.18.RELEASE|=4.3.19.RELEASE|=4.3.2.RELEASE|=4.3.20.RELEASE|=4.3.21.RELEASE|=4.3.22.RELEASE|=4.3.23.RELEASE|=4.3.24.RELEASE|=4.3.25.RELEASE|=4.3.26.RELEASE|=4.3.27.RELEASE|=4.3.28.RELEASE|=4.3.29.RELEASE|=4.3.3.RELEASE|=4.3.30.RELEASE|=4.3.4.RELEASE|=4.3.5.RELEASE|=4.3.6.RELEASE|=4.3.7.RELEASE|=4.3.8.RELEASE|=4.3.9.RELEASE|=5.0.0.RELEASE|=5.0.1.RELEASE|=5.0.10.RELEASE|=5.0.11.RELEASE|=5.0.12.RELEASE|=5.0.13.RELEASE|=5.0.14.RELEASE|=5.0.15.RELEASE|=5.0.16.RELEASE|=5.0.17.RELEASE|=5.0.18.RELEASE|=5.0.19.RELEASE|=5.0.2.RELEASE|=5.0.20.RELEASE|=5.0.3.RELEASE|=5.0.4.RELEASE|=5.0.5.RELEASE|=5.0.6.RELEASE|=5.0.7.RELEASE|=5.0.8.RELEASE|=5.0.9.RELEASE|=5.1.0.RELEASE|=5.1.1.RELEASE|=5.1.10.RELEASE|=5.1.11.RELEASE|=5.1.12.RELEASE|=5.1.13.RELEASE|=5.1.14.RELEASE|=5.1.15.RELEASE|=5.1.16.RELEASE|=5.1.17.RELEASE|=5.1.18.RELEASE|=5.1.19.RELEASE|=5.1.2.RELEASE|=5.1.20.RELEASE|=5.1.3.RELEASE|=5.1.4.RELEASE|=5.1.5.RELEASE|=5.1.6.RELEASE|=5.1.7.RELEASE|=5.1.8.RELEASE|=5.1.9.RELEASE|=5.2.0.RELEASE|=5.2.1.RELEASE|=5.2.10.RELEASE|=5.2.11.RELEASE|=5.2.12.RELEASE|=5.2.13.RELEASE|=5.2.14.RELEASE|=5.2.15.RELEASE|=5.2.16.RELEASE|=5.2.17.RELEASE|=5.2.18.RELEASE|=5.2.19.RELEASE|=5.2.2.RELEASE|=5.2.20.RELEASE|=5.2.21.RELEASE|=5.2.22.RELEASE|=5.2.23.RELEASE|=5.2.24.RELEASE|=5.2.25.RELEASE|=5.2.3.RELEASE|=5.2.4.RELEASE|=5.2.5.RELEASE|=5.2.6.RELEASE|=5.2.7.RELEASE|=5.2.8.RELEASE|=5.2.9.RELEASE|=5.3.0|=5.3.1|=5.3.10|=5.3.11|=5.3.12|=5.3.13|=5.3.14|=5.3.15|=5.3.16|=5.3.17|=5.3.18|=5.3.19|=5.3.2|=5.3.20|=5.3.21|=5.3.22|=5.3.23|=5.3.24|=5.3.25|=5.3.26|=5.3.27|=5.3.28|=5.3.29|=5.3.3|=5.3.30|=5.3.31|=5.3.32|=5.3.33|=5.3.34|=5.3.35|=5.3.36|=5.3.37|=5.3.38|=5.3.4|=5.3.5|=5.3.6|=5.3.7|=5.3.8|=5.3.9","fixed_version":"5.3.39","source":"osv","published_at":"2024-08-20T09:30:28Z","in_kev":false,"epss_prob":0.00809,"epss_percentile":0.74301,"threat_tier":"theoretical"},{"vuln_id":"CVE-2023-20863","severity":"high","summary":"Spring Framework vulnerable to denial of service","affected_versions":">=6.0.0,<6.0.8|>=5.3.0,<5.3.27|<5.2.24.RELEASE|=6.0.0|=6.0.1|=6.0.2|=6.0.3|=6.0.4|=6.0.5|=6.0.6|=6.0.7|=5.3.0|=5.3.1|=5.3.10|=5.3.11|=5.3.12|=5.3.13|=5.3.14|=5.3.15|=5.3.16|=5.3.17|=5.3.18|=5.3.19|=5.3.2|=5.3.20|=5.3.21|=5.3.22|=5.3.23|=5.3.24|=5.3.25|=5.3.26|=5.3.3|=5.3.4|=5.3.5|=5.3.6|=5.3.7|=5.3.8|=5.3.9|=3.0.0.RELEASE|=3.0.1.RELEASE|=3.0.2.RELEASE|=3.0.3.RELEASE|=3.0.4.RELEASE|=3.0.5.RELEASE|=3.0.6.RELEASE|=3.0.7.RELEASE|=3.1.0.RELEASE|=3.1.1.RELEASE|=3.1.2.RELEASE|=3.1.3.RELEASE|=3.1.4.RELEASE|=3.2.0.RELEASE|=3.2.1.RELEASE|=3.2.10.RELEASE|=3.2.11.RELEASE|=3.2.12.RELEASE|=3.2.13.RELEASE|=3.2.14.RELEASE|=3.2.15.RELEASE|=3.2.16.RELEASE|=3.2.17.RELEASE|=3.2.18.RELEASE|=3.2.2.RELEASE|=3.2.3.RELEASE|=3.2.4.RELEASE|=3.2.5.RELEASE|=3.2.6.RELEASE|=3.2.7.RELEASE|=3.2.8.RELEASE|=3.2.9.RELEASE|=4.0.0.RELEASE|=4.0.1.RELEASE|=4.0.2.RELEASE|=4.0.3.RELEASE|=4.0.4.RELEASE|=4.0.5.RELEASE|=4.0.6.RELEASE|=4.0.7.RELEASE|=4.0.8.RELEASE|=4.0.9.RELEASE|=4.1.0.RELEASE|=4.1.1.RELEASE|=4.1.2.RELEASE|=4.1.3.RELEASE|=4.1.4.RELEASE|=4.1.5.RELEASE|=4.1.6.RELEASE|=4.1.7.RELEASE|=4.1.8.RELEASE|=4.1.9.RELEASE|=4.2.0.RELEASE|=4.2.1.RELEASE|=4.2.2.RELEASE|=4.2.3.RELEASE|=4.2.4.RELEASE|=4.2.5.RELEASE|=4.2.6.RELEASE|=4.2.7.RELEASE|=4.2.8.RELEASE|=4.2.9.RELEASE|=4.3.0.RELEASE|=4.3.1.RELEASE|=4.3.10.RELEASE|=4.3.11.RELEASE|=4.3.12.RELEASE|=4.3.13.RELEASE|=4.3.14.RELEASE|=4.3.15.RELEASE|=4.3.16.RELEASE|=4.3.17.RELEASE|=4.3.18.RELEASE|=4.3.19.RELEASE|=4.3.2.RELEASE|=4.3.20.RELEASE|=4.3.21.RELEASE|=4.3.22.RELEASE|=4.3.23.RELEASE|=4.3.24.RELEASE|=4.3.25.RELEASE|=4.3.26.RELEASE|=4.3.27.RELEASE|=4.3.28.RELEASE|=4.3.29.RELEASE|=4.3.3.RELEASE|=4.3.30.RELEASE|=4.3.4.RELEASE|=4.3.5.RELEASE|=4.3.6.RELEASE|=4.3.7.RELEASE|=4.3.8.RELEASE|=4.3.9.RELEASE|=5.0.0.RELEASE|=5.0.1.RELEASE|=5.0.10.RELEASE|=5.0.11.RELEASE|=5.0.12.RELEASE|=5.0.13.RELEASE|=5.0.14.RELEASE|=5.0.15.RELEASE|=5.0.16.RELEASE|=5.0.17.RELEASE|=5.0.18.RELEASE|=5.0.19.RELEASE|=5.0.2.RELEASE|=5.0.20.RELEASE|=5.0.3.RELEASE|=5.0.4.RELEASE|=5.0.5.RELEASE|=5.0.6.RELEASE|=5.0.7.RELEASE|=5.0.8.RELEASE|=5.0.9.RELEASE|=5.1.0.RELEASE|=5.1.1.RELEASE|=5.1.10.RELEASE|=5.1.11.RELEASE|=5.1.12.RELEASE|=5.1.13.RELEASE|=5.1.14.RELEASE|=5.1.15.RELEASE|=5.1.16.RELEASE|=5.1.17.RELEASE|=5.1.18.RELEASE|=5.1.19.RELEASE|=5.1.2.RELEASE|=5.1.20.RELEASE|=5.1.3.RELEASE|=5.1.4.RELEASE|=5.1.5.RELEASE|=5.1.6.RELEASE|=5.1.7.RELEASE|=5.1.8.RELEASE|=5.1.9.RELEASE|=5.2.0.RELEASE|=5.2.1.RELEASE|=5.2.10.RELEASE|=5.2.11.RELEASE|=5.2.12.RELEASE|=5.2.13.RELEASE|=5.2.14.RELEASE|=5.2.15.RELEASE|=5.2.16.RELEASE|=5.2.17.RELEASE|=5.2.18.RELEASE|=5.2.19.RELEASE|=5.2.2.RELEASE|=5.2.20.RELEASE|=5.2.21.RELEASE|=5.2.22.RELEASE|=5.2.23.RELEASE|=5.2.3.RELEASE|=5.2.4.RELEASE|=5.2.5.RELEASE|=5.2.6.RELEASE|=5.2.7.RELEASE|=5.2.8.RELEASE|=5.2.9.RELEASE","fixed_version":"5.2.24.RELEASE","source":"osv","published_at":"2023-04-13T21:30:27Z","in_kev":false,"epss_prob":0.01183,"epss_percentile":0.78855,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"7.0.0-M6","total_count":262,"recent":["7.0.0-M6","6.2.8","6.1.21","7.0.0-M5","6.2.7","6.1.20","7.0.0-M4","6.2.6","6.1.19","6.2.5","7.0.0-M3","6.2.4","6.1.18","7.0.0-M2","6.2.3","6.1.17","7.0.0-M1","6.2.2","6.2.1","6.1.16"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":0,"first_published":null,"last_published":"2025-06-12T10:14:16+00:00","dependencies_count":0,"dependencies":[]},"github_stats":{"stars":59892,"forks":38844,"open_issues":394,"is_archived":false,"pushed_at":"2026-05-01T20:52:27Z","subscribers_count":3279},"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"update_required","issues":["1 high severity vulnerabilities"],"use_version":"7.0.0-M6","version_hint":"Update to >= 5.2.24.RELEASE to fix known vulnerabilities","summary":"org.springframework:spring-expression@7.0.0-M6 has vulnerabilities — update to latest"},"version_scoped":null,"requested_version":null,"_cache":"miss","_response_ms":932,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":true,"bus_factor_3m":16,"active_contributors_12m":16,"primary_author_ratio":0.6,"owner_account_age_days":5775,"is_archived":false,"stars":59858,"alerts":[]},"malicious":{"is_malicious":false},"scorecard":{"available":true,"score":5.7,"tier":"moderate"},"quality":{"available":false},"co_used_with":[{"package":"7zip-bin","occurrences":2},{"package":"@opentelemetry/configuration","occurrences":2},{"package":"Microsoft.Build.Utilities.Core","occurrences":2},{"package":"imagesize","occurrences":2},{"package":"xcpretty","occurrences":2}],"version_history_summary":{"total_versions":20,"first_release_age_days":3511,"last_release_days_ago":323,"avg_days_between_releases":185,"release_velocity":"moderate"}}