{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:90e6189c-57a9-5418-a220-8cd26922592e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1", "type": "library", "group": "org.apache.struts", "name": "struts-faces", "version": "1.3.5-tuxcare.1", "purl": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c88a79c3-d47e-549f-a9b3-7bd6cae142e1", "id": "CVE-2012-0391", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-0391 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-faces." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5c23c94-3af5-5a5a-bca4-53c2fcf47454", "id": "CVE-2012-1007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2012-1007 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-faces." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed0f0e88-b2bc-5528-b08a-2e77037bd154", "id": "CVE-2014-0114", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0114 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-faces." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a11a524-9ce7-59e9-964c-8e4e96340f5c", "id": "CVE-2015-0899", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-0899 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-faces." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12f6a326-b733-5bfb-8a28-b3a6870c0a55", "id": "CVE-2016-1181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-1181 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-faces." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dcb2608f-97a2-5c9c-93f4-63d9687af676", "id": "CVE-2016-1182", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-1182 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-faces." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cfcabce4-c498-5c70-948f-d10c43a6fcee", "id": "CVE-2016-4431", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-4431 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-faces." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:892932db-e38a-5f2a-a156-9603a0112fdc", "id": "CVE-2020-26258", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-26258 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-faces." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:608939fe-cc36-5a92-bfb6-36685d2a2dfa", "id": "CVE-2020-26259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-26259 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-faces." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13ab26ce-1200-5515-8261-2d9dfaeca946", "id": "CVE-2023-34149", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34149 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-faces." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d41d34e2-f482-5576-b4fe-03594c7d0a50", "id": "CVE-2023-34396", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34396 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-faces." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c14c1be4-8a2f-5f8a-a905-308cc97a44f4", "id": "CVE-2023-47466", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-47466 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-faces." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1c69e21-8f6b-5cd1-8d1b-864bc78494bd", "id": "CVE-2023-49735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-49735 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-faces." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e669639-f996-5143-a20c-a519129a73ae", "id": "CVE-2025-54656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54656 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-faces." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.struts/struts-faces@1.3.5-tuxcare.1" } ] }