{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6a5e13c7-ce7e-5365-bf2d-c8afc3a6d91f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-struts", "version": "3.1.1.RELEASE-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0260dd00-e665-5f51-8350-7387e89798dd", "id": "CVE-2013-4152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-4152 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:082d96a5-219a-536b-8a5f-3223694b5a55", "id": "CVE-2013-6429", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6429 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de5073ea-4359-50fe-9c36-3ee5c6a30580", "id": "CVE-2013-6430", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-6430 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e9605e2-de1a-50f3-b3c3-0bf083f8f013", "id": "CVE-2013-7315", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-7315 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cd8e11c-e0f3-51f8-bd41-e7d51f5450ec", "id": "CVE-2014-0054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0054 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eedd5271-c453-56cc-9502-0b5969d831e8", "id": "CVE-2014-0225", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-0225 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fac27ce5-f1fd-5e95-a201-70a017bdc25a", "id": "CVE-2014-1904", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-1904 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88c7d1b1-21f6-5a04-acd8-8e167396f8c4", "id": "CVE-2014-3578", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3578 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:deefa8ec-c4b4-5be8-ab3c-bac2eb1ff92e", "id": "CVE-2014-3625", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3625 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0abd9453-ec93-5bcd-9f28-e417bd73ce86", "id": "CVE-2015-3192", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-3192 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a589838c-7c04-5cf2-a2ce-001e944c2b2a", "id": "CVE-2015-5211", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-5211 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53e7b4c3-eb25-5be9-8f13-a9ded57dde41", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20b7aef5-21d1-5633-a11a-246dcc6780fb", "id": "CVE-2016-5007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5007 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b11cf9a8-d14c-59af-b221-caaa02143c84", "id": "CVE-2016-9878", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-9878 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:410b1d34-24f1-5a27-a73f-594313a73651", "id": "CVE-2018-11039", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11039 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24df08c3-6bad-5cd9-9181-d9049c20cfdd", "id": "CVE-2018-11040", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-11040 is a false positive for org.springframework:spring-struts 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d02e49c-77a3-5617-be1a-aea9143bc030", "id": "CVE-2018-1257", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1257 is a false positive for org.springframework:spring-struts 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2cc354ea-fd6a-5e43-aa10-1822a7d0fe34", "id": "CVE-2018-1270", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2018-1270 is a false positive for org.springframework:spring-struts 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc55d2a4-cd07-519b-8e61-53607c871cef", "id": "CVE-2018-1271", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1271 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13bf1f21-7244-5642-b2c4-a74a25fb2e2f", "id": "CVE-2018-1272", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1272 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1343ebf8-9af6-590a-bd42-a5f1b42ff244", "id": "CVE-2020-5421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5421 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:884ec24e-f703-5d31-9405-f55f361cbf0a", "id": "CVE-2021-22060", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22060 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2dd77193-77cc-5133-93b5-a4239dbf3308", "id": "CVE-2021-22096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22096 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f75b24a-b881-53f7-9285-ec896cec6431", "id": "CVE-2021-22118", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-22118 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6fd7c2eb-fdf1-54aa-b0fa-a59bfaeba24e", "id": "CVE-2022-22950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22950 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1bba5230-e3b0-5812-aa02-f30cf99a7a77", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ef57f82-7244-5ce9-a6b2-e90c79f40308", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f7411f9-a9ba-5da9-a9f8-c023476785dd", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7900cf5a-d858-5496-a4dc-0e63c116665d", "id": "CVE-2023-20861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20861 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44341796-2ffc-59e2-9462-06188107fe5c", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74c62136-59a5-5ec1-a876-0f8b5f970237", "id": "CVE-2024-22243", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22243 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b62c9ab9-3863-5df6-a5c0-d6d9366858fa", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d5de0a2-42dc-5ec1-bcd3-c9af92495086", "id": "CVE-2024-22262", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22262 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab6d8499-b506-5ab0-a787-5a66517ddf7d", "id": "CVE-2024-38808", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38808 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:deedb6c2-b665-535a-a479-cf3e1029d87c", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee7aff65-a90b-592f-9857-e51041f48f50", "id": "CVE-2024-38819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38819 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26833751-7d9a-545c-b60d-34b10ebd5518", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1eba7185-9ed8-54e2-8acf-1bf898fb0751", "id": "CVE-2024-38828", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38828 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9a335fd-6284-5ff4-a5a1-f172b2eda8c1", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01cf1988-a7b2-59a5-83f9-7e972c4dc4a5", "id": "CVE-2025-41242", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41242 is a false positive for org.springframework:spring-struts 3.1.1.RELEASE-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1e7d397-d576-5a79-9231-f5fae63f5c98", "id": "CVE-2025-41249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41249 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9354b686-d6f2-5047-ba0c-0f4b3a2ee157", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d632e89-abeb-5559-aafa-ef829df7425c", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 3.1.1.RELEASE-tuxcare.2 of org.springframework:spring-struts." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-struts@3.1.1.RELEASE-tuxcare.2" } ] }