{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:71ef8156-f6c8-5bca-8627-ac218cd624ae", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7c3dca34-24d0-5861-8e05-0cd39fac1984", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:16db3abb-b15f-5c0d-8a27-e7c213388809", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5df95f27-37d4-505d-93be-6aa252d7a81f", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4681283b-a3b7-5bcd-9368-de86577d31ca", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:620bad3c-c826-520e-bfdb-da30c9e98229", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d598a4f1-201a-5581-bb61-ec88ca2b17a8", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8201c9c-7167-58d8-8ff2-9aa763d8a83a", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ca29f9e4-f5da-55a7-8942-f70223fb3d74", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:edb48940-8e7c-5a1f-b6c1-8b12e01f9033", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4ed359a6-5469-5c54-b54d-f735f401f885", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e005c6a9-df1e-53ab-8be6-d4283bd31871", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:21116c60-83e7-51b3-9e0d-1c1a27dd1c92", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5505d7ea-493e-5ccb-99a3-291da1b73213", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c244c060-44af-594b-a0c9-1d2dff6e767d", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8eb1a38e-213a-5f66-9bb3-4f468db7752f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07040af1-c4cc-5ece-a129-b7a591766735", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0db21f14-d12e-58ed-9d86-082c4d6fad6f", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c2fccf1d-e80d-5ef9-9aea-977dfb159c63", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab0ed163-9a70-5b94-9220-c19e82cfa732", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2850ac4b-9ec2-5a4d-85d1-ea9da3fb2151", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:204c5e70-c7e9-5223-9083-28b5c1873375", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e619e56d-3df6-53ef-83f2-d1d0a12e10d8", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8802467c-f666-5ebe-b60a-f9e97a7a88bf", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7eb4c505-c125-58a9-833e-90d64934c601", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6204f7a6-4401-55fe-bd75-306cba14bd82", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c839ee00-4b08-5c69-a227-13b25e08a465", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8ce88066-2172-58a9-9342-2828a5111663", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:61b16b19-79b9-501a-8535-6eb29c0a4c5c", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:130feb31-fa44-5ead-a391-56db7b962900", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cab0ac3c-d501-58d3-9dcd-ea88fd0ba70c", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b936812-4097-52a9-9622-5751453f367b", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6c4e95cc-c387-533f-b136-f81fffabdc5b", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b91921f-729d-5036-aeb2-ec2df8d5d84e", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.4" } ] }