{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:44a479e4-4eff-54ff-b71d-2dc2e8af9587", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1", "type": "library", "group": "org.apache.struts", "name": "struts-scripting", "version": "1.3.5-tuxcare.1", "purl": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5444b607-de42-5599-a256-e4c0387f2b70", "id": "CVE-2012-0391", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-0391 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-scripting." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93d332ae-03d6-5913-96f6-034cdbaf6461", "id": "CVE-2012-1007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2012-1007 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-scripting." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbd2e39c-a04d-592e-a169-868e6119dc28", "id": "CVE-2014-0114", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0114 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-scripting." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e306ed23-b661-5523-829f-bfaa634029af", "id": "CVE-2015-0899", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-0899 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-scripting." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5fdb26e-3d0d-5b24-a946-535393598ac5", "id": "CVE-2016-1181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-1181 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-scripting." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:928eebb0-a278-5e63-8493-c08609551e46", "id": "CVE-2016-1182", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-1182 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-scripting." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba9f72fe-71f3-5866-a340-654847353e93", "id": "CVE-2016-4431", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-4431 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-scripting." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5fcfe28c-1215-57d8-bab2-305734bde486", "id": "CVE-2020-26258", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-26258 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-scripting." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20ef1b24-6c7f-540a-a6ee-29ae6f1826d1", "id": "CVE-2020-26259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-26259 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-scripting." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc2ba7ca-4f77-52df-ab0b-96f031202f0a", "id": "CVE-2023-34149", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34149 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-scripting." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:782a5220-bf0c-5a5d-a365-3666f5dfc101", "id": "CVE-2023-34396", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34396 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-scripting." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b2ac9c4-b209-5693-bbe5-f5cd57534258", "id": "CVE-2023-47466", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-47466 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-scripting." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f94542fe-826c-573a-8936-8cfb445f51da", "id": "CVE-2023-49735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-49735 affects version 1.3.5-tuxcare.1 of org.apache.struts:struts-scripting." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc25f37a-a13d-54b8-a76c-1302a4e1b8e0", "id": "CVE-2025-54656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54656 is fixed in version 1.3.5-tuxcare.1 of org.apache.struts:struts-scripting." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.struts/struts-scripting@1.3.5-tuxcare.1" } ] }