{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4e5c9aaf-e835-5006-8f2d-29be205a1a79", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jsp-api", "version": "9.0.46-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ac0afbf6-e784-5cb9-be66-599ab1353b64", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c28bd52d-f53b-50c9-bf7c-45fa2aae94f9", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ea5e5a07-539c-5413-9a9a-9d1e6a1f551d", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:72480773-81b1-5e1e-8228-63b11515292d", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2e5a1d22-51ce-5768-9f68-1e5fdce156ed", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e551a73a-f58f-560f-a10b-6c54fd25b823", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d904cb49-08ee-5067-9049-0d8fc8b951d4", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:59a18170-ff3a-59e0-8c3a-720b8b32abd6", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:22a928ff-7925-51e2-9e17-682061e13eca", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7d1af605-743c-5d16-b9a6-18c9d805ac84", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:616f43f4-3048-532b-b51a-3053dadaef8d", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8ac10d2a-9adb-5eb1-aa9e-a4f4687ca7b0", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6037970b-1ed4-5331-8f5c-334625a14116", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b9ae411a-8a90-5e9b-88a9-ceb12d1b13e1", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0647f6fa-f38e-527f-81a0-d30ed8b7c080", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bc2670ba-6451-5d52-b0c8-48d588996a59", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4ab1fa34-b7c3-546d-8f45-b4af1ba15bf5", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5f599126-7442-519e-a389-ac13aa577c88", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3e23d9b9-64f2-5679-94a8-91f9f63d64a2", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ab61dc7d-8b70-5873-8dc9-e535566cce60", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:63f748f7-fbc2-507f-a747-9a76aa449907", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:09d9ec35-8c2d-546f-9d6f-b2fc818e0735", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ba000ff3-26ae-50e2-a243-0c34a0427015", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c1b020cd-0721-5e77-8ca4-7d309b7dee1e", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:235d7232-ef47-553f-9c44-679f123f0f8a", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0eff4a7b-ad0e-5552-bf78-96718aebcbdf", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7fc7c348-b314-5cfc-8d8d-f4eddac53dcc", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:27913f78-0b37-5933-a16a-febb4b166643", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6c70a02b-4be7-5f60-afd3-bb606a748814", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4e4dbc5d-b177-5176-8613-d56ebbcd78ca", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:dac68e6b-ba5a-5a4b-867f-b193b9d56705", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:164e7824-6b76-5a7e-9f34-708d3e41d4e8", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:397417e0-32f4-549c-a332-b9ca1c4d4b07", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:41899e61-6321-52b9-8fd7-6fc33fbf7376", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:99066e10-cf19-5e61-8aef-a1d198c18720", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c02bcbde-90c9-596f-86e2-4d52045f5720", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:db2ed414-dbd8-5d37-bd5d-78bca7523aab", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b7c10d44-1246-516a-a2ca-57427a6798d0", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4460a34d-48e0-5bf5-ba72-553ae2105146", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:73668c8d-484d-56db-b964-7ae16c3e3744", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4a19d5cb-ea5f-53cf-9c07-f8f43b532903", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d1917012-5786-5b3c-a7aa-a15137a7d3fc", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5970c077-27dd-55fc-a1f5-4b0c8bc5efd4", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ac08d534-40f5-5052-8c7d-10b7eed16a88", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1fcd23dd-4f1e-5ef9-b8db-1d4be86adbf5", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4c1a11ec-f690-5354-b0b7-7fad55ef6e74", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c36d2dc7-fb3d-5b3c-b2c3-3ff07221acac", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:009b0d69-b8fe-5bab-a8a1-737b1249b2e6", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:47ede433-a49f-51a9-af1f-071da6f7d26c", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1763073e-8b22-5375-bb85-5957bf4d3fa8", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:68768e43-26e9-567a-8b64-104b1e194a89", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cd733816-2bce-5528-a702-9382a8693759", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.46-tuxcare.6" } ] }