{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c260324c-1d45-5984-95aa-02f2b1f53494", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-struts", "version": "3.0.5.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c13f189e-5ff1-54b8-9492-aee7883fb07f", "id": "CVE-2011-2730", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-2730 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5a4af3d-c13a-59e1-9840-fe21ef6bf795", "id": "CVE-2011-2894", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2011-2894 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8be79755-c546-5880-9866-f01258a352de", "id": "CVE-2013-4152", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4152 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40477c07-2896-5e1a-a2ad-e877700a0825", "id": "CVE-2013-6429", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6429 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ba20716-8cf9-54d4-9534-dd1ee89ce704", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:402c5aa2-18e7-511e-ac6a-1b4d0f36560d", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b7f6021-ccbd-5db9-b595-e73e739196f0", "id": "CVE-2014-0054", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0054 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c9898b7-949f-5ce1-9dcd-de2e609c2cde", "id": "CVE-2014-0225", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0225 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76a8252b-6936-58bf-82d5-02ce1ded9fb4", "id": "CVE-2014-1904", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-1904 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:afaa70fa-cc36-52a7-a5da-799f23ca9a11", "id": "CVE-2014-3578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-3578 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5514a84-0ab5-5c4e-b112-764289a72506", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad766f04-8bf6-520c-aa0d-63d994b5316f", "id": "CVE-2015-3192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3192 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:435fd9d4-84e3-52b1-8162-0ef403a63c77", "id": "CVE-2015-5211", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5211 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ddba32d-0cff-5351-ace6-2ba3a1dad354", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f9b84d8-64a6-5463-945e-e2ab1e9221a2", "id": "CVE-2016-5007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5007 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2b629c9-85b4-5cb5-861b-d20ecce65e7f", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d86b506-39a0-5dcf-a820-471e76da6c5f", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:256cb6ed-d3f8-5331-853c-c97519a804af", "id": "CVE-2018-11040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11040 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc5955dd-ed7e-5280-bd5b-607839980009", "id": "CVE-2018-1257", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1257 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be0aa978-80bc-53b1-a3b3-60cc9b5179ab", "id": "CVE-2018-1270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1270 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f77301d-9ce1-5244-af9f-2cba778ef782", "id": "CVE-2018-1271", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1271 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2dd3b71d-fb5c-55d9-8961-c8d9955eeb18", "id": "CVE-2018-1272", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1272 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14db331f-450e-5c4a-9163-727b1d974257", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5539bd28-0a48-58de-889e-2e186c26ba2a", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:392ced53-3a71-5143-aa2b-f9255c749636", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5843cb3e-4984-591f-b206-fa825006aec3", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36967e52-96dd-50a5-a824-8086e20afe43", "id": "CVE-2022-22965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22965 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a37e262-bfd3-5656-9102-f9d26d9f568c", "id": "CVE-2022-22968", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22968 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da0b1dd4-fe9e-55d2-93b7-002fe8de4342", "id": "CVE-2022-22970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22970 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34dbb12b-81da-57c5-9bb6-edf424d4fa96", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba20eb7b-cccf-58d9-8e72-ec974b0ae5b9", "id": "CVE-2023-20863", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20863 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ef457ef-7909-5ef8-8fea-09bdf5f6034c", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0e7afe9-c413-5690-8f95-28adf65cd11c", "id": "CVE-2024-22259", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22259 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a19640d-697d-5e78-9306-5c98948b40fe", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ea7f303-948f-5335-91f6-2cb0aefca949", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b136e23-8561-54bd-bf21-aab536ca9bae", "id": "CVE-2024-38809", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38809 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed7fff7c-9c08-5042-8221-b1f0961f4845", "id": "CVE-2024-38820", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38820 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07f1ad8f-52e1-5fc9-ae1e-23593f9d25e1", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b9d0c66-0be1-5410-a9c2-2110134044e6", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46a442bc-f262-5822-8bdc-8b4d7777f1fd", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.0.5.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.0.5.RELEASE-tuxcare.2" } ] }