{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b12d30bd-045f-5774-9e2c-58e6dea57d1a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper", "version": "10.1.18-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:54fead81-ebe5-5d82-91cf-c11b054d7b0b", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c24e02c6-c795-5f45-903c-7763cc349864", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:daa15bc3-a6bd-58a1-8348-11128dd29a4d", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9d28577b-5f1d-5eeb-ae0d-65e6b7f8e697", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bca711ae-d686-582d-8ab1-98366d3cd3a2", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c6173cab-a53e-5d6c-af3d-85d4fa616fae", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7583016f-b807-5c05-aa69-29afe929e26e", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:be375082-269f-5c4d-8154-5b943e436fb9", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b3330b44-62d8-5d5c-bd63-9d6614369d6a", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:42d029fe-13f9-54e8-9d4c-edd682be1f88", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f2342508-090d-5fdd-bdd9-9e270e9523e9", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d0d50078-fbc8-58b3-82ce-0efd20e87950", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1472732f-74ae-5ad2-aa0b-e2c3f88269c5", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:250d974a-a1ba-5e3a-ba51-eb7208c79bb4", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ae19a8d2-cbba-5e84-9575-a107a743a21f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:93a581b7-8783-536c-8558-1bd64f6015ce", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f37f25b8-624a-5666-8101-47988fa0962e", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aaaf0769-0120-5df8-8c24-1985da196c7e", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3aef58e9-8a64-5fbe-9139-76353a95f1f5", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:59363723-0f7f-5d9b-944f-6484f3b52e99", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dff0f6c4-f262-51de-9c1d-4f8f98847cfb", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f4dd16ad-2188-53f8-8f08-b251302d35f3", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1fe0078b-06a5-55f3-8ea5-0e30d1e75118", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d70f4c52-178b-5e08-85dd-b43b63293e10", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d784176f-b407-5b7e-90b8-d19bceacd7ac", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5f8da5cd-ab11-51f4-879f-efb81fa0ead6", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:84d1d8df-fda8-52cd-8fe1-408423e8b9ac", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de9dd213-5f06-5922-a35e-184c57777927", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:16f1cc7a-8077-59b1-8723-f00eba5ce198", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:99c4c7a3-f826-5792-bba5-6078d9e48662", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5e69e654-f278-5be2-8e69-c174dbb3f946", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:89d29828-c38c-5eb4-9489-cb344469b63e", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:47963887-663f-5afc-a714-bb219edbc1c3", "id": "CVE-2026-34487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34487 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.5" } ] }