{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:174e0f43-3be0-5863-bbd6-49dfb77d9188", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1", "type": "library", "group": "org.apache.struts", "name": "struts-el", "version": "1.3.5-tuxcare.1", "purl": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d204271c-6b5b-5935-acd2-5107dfc44567", "id": "CVE-2012-0391", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-0391 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-el." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5b01c8d-e9ef-57dc-bf91-a4765ead2e44", "id": "CVE-2012-1007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2012-1007 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-el." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1bbd2252-1232-5894-aa7c-9bc5917b1336", "id": "CVE-2014-0114", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0114 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-el." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52c02344-02ee-50b4-9647-8ef9215d1915", "id": "CVE-2015-0899", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-0899 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-el." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6aecff16-b87d-5fcc-8726-b29cf31adeec", "id": "CVE-2016-1181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-1181 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-el." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:132aa3f9-4c93-55c3-a261-18101cd4fefa", "id": "CVE-2016-1182", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-1182 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-el." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:287340cf-3fab-5708-9c5f-c7a35858a7f5", "id": "CVE-2016-4431", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-4431 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-el." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e796d18a-1da0-5b5c-beab-411c42ee8065", "id": "CVE-2020-26258", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-26258 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-el." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd8b2da1-df0a-5d90-ae4c-9ef60b97a96d", "id": "CVE-2020-26259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-26259 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-el." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39a3e16a-9328-525e-bd28-9c8a3e91b5ee", "id": "CVE-2023-34149", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34149 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-el." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87be4865-4088-5acf-a7e7-82e5e97b7c17", "id": "CVE-2023-34396", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34396 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-el." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88f237ef-646b-5519-bb09-c47ef0b51254", "id": "CVE-2023-47466", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-47466 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-el." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb767b0a-c1cd-58cf-b98c-3f8775f4a1f2", "id": "CVE-2023-49735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-49735 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-el." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b06bafc0-83a6-5dcf-b5b2-12f9e393158a", "id": "CVE-2025-54656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54656 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-el." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.struts/struts-el@1.3.5-tuxcare.1" } ] }