{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ee8e539d-f7e8-5251-a67f-b745fcc4b3a5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper-el", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9a5538cb-d30f-5a40-ab07-c02a1e237585", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a214919-2253-54b2-bb4b-14c44dca6522", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:28c8a279-7f0c-5e07-97c5-0ce0ec6bc8f4", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:301f75d6-e18b-5205-8364-230d1729cfb4", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b63b91c-e4e2-5590-98e3-01d3cd8cb30d", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a559f612-4d47-5a79-8742-c63508703622", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eec4c39b-d64b-5a9a-9a38-d6dc73f1ee54", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07ef0820-be0b-5935-a359-0d8eef81c2db", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91d7d5ef-77a7-5129-9a79-b2e142f638b6", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:003861d6-608f-55e0-a532-6fe3d06c61a1", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:60d1b97d-6455-5be5-b6ce-9d8d13b224e3", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:22d5913f-4394-54de-858e-d259a7116e76", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e3ef9a4-dcf7-5a7c-b07d-53a687377274", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:feb92787-4dd9-51fe-ba1d-88ff4b357ac2", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb46b036-efd9-526f-89e5-e94fea5ce4b0", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4a23fb4b-5175-5975-ab49-526c90b21c1b", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:99267b62-5501-53fc-90bb-e471edfc37f7", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b75ec4a-67ad-5b01-a875-7b4e38c910a4", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dd4d74c1-4476-5862-bcac-49a5161028f0", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:68ee65cc-d935-578b-b2da-ceaf1ab459d3", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b4bd535d-6cfe-56f2-87b7-66e01604b039", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:86641faf-261b-50ef-b7cd-55b556327e87", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f68a65b3-1646-555a-9d8a-151c45a39ac9", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:53b881eb-098d-5ccc-ba94-2e98befdbe4e", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:77fdbf72-c869-5583-a540-616bc3014428", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e198b7d-aac1-5eaa-ab19-668ede9c081f", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c44d6389-0ad7-50ef-aa04-e81920148158", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac831b98-f64b-59d5-ba26-3f8a53108349", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5f4ab6f4-b4bb-5bec-a49b-eea2ee211491", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:814a0666-b0ec-585a-a10b-8ba8780bdf73", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec6ab7cd-9e80-5aa8-aea9-05ae1308a952", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9c0243dc-7f88-5864-a452-f79481645895", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:803b1438-ed2a-5d3c-a2cd-c3b221730032", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@10.1.18-tuxcare.4" } ] }