{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4ed82af9-7f00-5f81-965c-7a4c5bd3c79b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.struts/struts2-tiles-plugin@2.5.33-tuxcare.1", "type": "library", "group": "org.apache.struts", "name": "struts2-tiles-plugin", "version": "2.5.33-tuxcare.1", "purl": "pkg:maven/org.apache.struts/struts2-tiles-plugin@2.5.33-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a5971f4b-d226-5c55-ba48-b609710baf6f", "id": "CVE-2016-3093", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3093 affects version 2.5.33-tuxcare.1 of org.apache.struts:struts2-tiles-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts2-tiles-plugin@2.5.33-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72660668-95e7-5b83-b6ba-180de33efc9b", "id": "CVE-2018-1327", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1327 affects version 2.5.33-tuxcare.1 of org.apache.struts:struts2-tiles-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts2-tiles-plugin@2.5.33-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a4d63c1-242d-5daf-bdb0-31bbbd1601d1", "id": "CVE-2020-26258", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-26258 affects version 2.5.33-tuxcare.1 of org.apache.struts:struts2-tiles-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts2-tiles-plugin@2.5.33-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa9d7cea-168c-5e12-a816-e7c3ccbe61cd", "id": "CVE-2020-26259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-26259 affects version 2.5.33-tuxcare.1 of org.apache.struts:struts2-tiles-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts2-tiles-plugin@2.5.33-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8a5a668-6850-51e2-9198-9b071ec1b31c", "id": "CVE-2023-49735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-49735 affects version 2.5.33-tuxcare.1 of org.apache.struts:struts2-tiles-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts2-tiles-plugin@2.5.33-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52b74b5f-335b-5a5a-86b1-bea725a15c26", "id": "CVE-2024-53677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-53677 is fixed in version 2.5.33-tuxcare.1 of org.apache.struts:struts2-tiles-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts2-tiles-plugin@2.5.33-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:241e92ef-abeb-5308-b733-8b7af1d05bf5", "id": "CVE-2025-64775", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-64775 affects version 2.5.33-tuxcare.1 of org.apache.struts:struts2-tiles-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts2-tiles-plugin@2.5.33-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbd5da0d-e94a-5472-bb8f-56b59e3495a3", "id": "CVE-2025-66675", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66675 affects version 2.5.33-tuxcare.1 of org.apache.struts:struts2-tiles-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts2-tiles-plugin@2.5.33-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ea2c070-59de-54dd-85c6-d1d374207806", "id": "CVE-2025-68493", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-68493 affects version 2.5.33-tuxcare.1 of org.apache.struts:struts2-tiles-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.struts/struts2-tiles-plugin@2.5.33-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.struts/struts2-tiles-plugin@2.5.33-tuxcare.1" } ] }