{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b8a940e2-f665-5dca-8b52-df758704ed0e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1", "type": "library", "group": "org.apache.struts", "name": "struts-core", "version": "1.3.5-tuxcare.1", "purl": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4ce1ffe0-6540-5c3e-9137-12d4919e7fa6", "id": "CVE-2012-0391", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-0391 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-core." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7c5cc36-0779-546e-97e4-cbbd9fe79400", "id": "CVE-2012-1007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2012-1007 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-core." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f6611ff-c461-56e7-b160-46ee7063b529", "id": "CVE-2014-0114", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0114 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-core." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fa1d482-77ac-530b-9f0b-936b401b9e88", "id": "CVE-2015-0899", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-0899 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-core." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38899e7c-a79f-5c99-b0f5-749f0b559b4b", "id": "CVE-2016-1181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-1181 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-core." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:57bebc1f-0fb8-52cf-9512-04792db49589", "id": "CVE-2016-1182", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-1182 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-core." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:caf94e78-1547-5ddd-bad5-482a11c3f675", "id": "CVE-2016-4431", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-4431 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-core." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ffa92c49-bbaa-5323-b06b-6d6d2dba582c", "id": "CVE-2020-26258", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-26258 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-core." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de30b478-8b62-5ab4-8a3d-3ed26f199d7a", "id": "CVE-2020-26259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-26259 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-core." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfb462d6-037c-5583-ae25-5dbd682cd031", "id": "CVE-2023-34149", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34149 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-core." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aabacdae-1773-5309-9445-7e6be5ac1e1d", "id": "CVE-2023-34396", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34396 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-core." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77bacc67-8235-5177-82f5-481fc690581a", "id": "CVE-2023-47466", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-47466 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-core." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03641dec-8d97-58f2-8f37-0bbaab378a4e", "id": "CVE-2023-49735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-49735 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-core." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e94c31d-46b8-51a9-904d-fdf361d7e93f", "id": "CVE-2025-54656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54656 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-core." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.struts/struts-core@1.3.5-tuxcare.1" } ] }