{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:02d8e94a-1a7e-51bf-86ed-c34c0857bb72", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper", "version": "9.0.50-tuxcare.9", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f378a6a4-d26e-5c89-bd9f-157aaccb8946", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:981ce30b-4748-5b6f-b5df-ef9ad481b9e8", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:fc527ea8-f24a-518f-944c-c63747f8569a", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:168c4b77-46d1-5052-b7b0-68f7a553d649", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:4ede6e2e-02cc-5380-b580-fa6ea297e768", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:c3b0bb6f-a271-50b5-8f92-c7929954875e", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:a7c4efe6-5972-5af1-87a5-65111f0f90ce", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:56baf91b-d943-5ee1-ac2a-26a9f3064edd", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:dab7e8da-cd4c-5a5c-b962-9a7e54f5387e", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:d19f32d7-46cc-5ec4-a21d-7d56ca0138b3", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:6f6ee4c7-9552-572c-877c-3b311a5ae416", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:4e7a18ed-549c-5ab0-b700-af24cc07ceb1", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:ee8eed8d-e6e0-56ae-af0a-44242208598e", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:62e32f84-8864-5111-b0bb-055ae98199b7", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:0e0b01f7-aaab-50fa-a2ca-bf532d3d5863", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:ade73ba1-5c11-5a8f-9911-07474ca694aa", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:8d347129-bddd-5b1c-aefa-dc5bc060aa53", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:bdcea991-e3b3-599b-9697-e6a1148125af", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:c9a107cc-c0b0-575b-893b-5ce984a54b8c", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:592c9df2-ddd4-52f2-93ef-abc8c71da496", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:e05422e1-ef27-5f48-9beb-cbdcaf896303", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:8d5838ad-7109-5cde-a667-f59370205af5", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:d3a71e9e-6d22-5b62-9ec2-4f51d67b84c6", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:1fcfe3cc-20d7-56dd-80e9-42cd95b7cadd", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:0601c41e-68f3-5f76-981f-c694288d2cf8", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:88150d7e-da13-592c-971b-47501faeb317", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:a0b8ae76-0f22-50cc-9cba-38f4ff3626bc", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:408083c1-6654-5d44-a19b-a518eba67386", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:4adbb888-81db-598b-be6b-5e7635826921", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:e9ed789c-a168-558f-a45f-f1af6e1a21ea", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:b3210d1d-1ce9-51f1-872b-f20accec2c35", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:3288a57c-6e5e-5e03-ae24-06f425440187", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:d403506e-3047-596c-93fd-e0e461323c17", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:1572fb53-8fec-57bf-9514-4588574beacd", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:9893bd2e-d682-5ce6-8099-6364244efeff", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:0b0842d3-a15b-551e-9044-5514eb522455", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:4ae00917-76e1-5706-a21a-ed37d6c60a22", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:301b5483-e0e7-586b-97bf-6c78e0754193", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:63ba2b9b-5a5c-5dad-9d0a-c99acb113645", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:b9dfa2f4-38b9-54b6-b864-f51580107ed9", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:fdef02f2-0d54-56e1-a388-77f58f848faa", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:257c795b-bbdf-519e-8a89-4bc31de104d4", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:f05226ef-0512-5494-8f9b-12e29021b6a7", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:2bd34e9b-7e15-507e-a920-d7e07b25bc62", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:f6897368-6142-50f7-8911-336937436912", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:ffb30f38-a540-5b5c-9488-3db76b40ff45", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:4bc16d36-4b77-5e40-b503-41bb0cb9c825", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:dd84d3d3-f4b6-5823-bef6-ceaf822d6774", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:5d29beba-428e-5084-b30c-b57f6fbaff72", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:176acd91-b802-50e7-85ac-02cd78309918", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:85b06eb8-a739-50bd-895b-628753cfcfa0", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.9" } ] }