{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cd4f5e83-19cb-57a0-b184-9d831efbc32d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper", "version": "9.0.100-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c4d013be-e645-5ed4-8699-a55c969d6faa", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:14cd8dbd-eb61-54a6-af8e-e9bb77aae237", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4f33ae96-06c5-5614-989d-7fc5f8c6720f", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2310d3d4-41b1-5957-bf08-b31c2f8e4556", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:23c93638-6f23-540b-9cf3-11d753392128", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f876027e-f0ce-59ce-9991-fe4af984b70e", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c195045d-4f5e-50bc-ae41-3d06aa8d460f", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c9be9d94-ecf8-522f-93f3-fc4f401be2df", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3070cf75-be27-583b-8d69-dc1e067404ae", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e347f322-655d-57f1-a347-e0d58bb9a646", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1a12b497-ca1c-597d-9037-9499e51d57e1", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:26a8662c-ea0a-5d46-9471-60a24b973091", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:65b88a6a-9fae-5780-928e-90c7f9ee25f7", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7ebd450e-fe03-5ceb-9d65-086b98634f04", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:da51a84a-a939-5021-b689-17ef7c2c4e95", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:139fa133-703c-57ad-a7da-9f01a453007e", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7a8637f6-5eed-58bb-875c-2c8b857731d3", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:30e1b86c-f4c2-54fe-a9a1-308f3035b9ae", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:27d39be5-361a-5448-8702-f02c94ee286c", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7b23a577-3d81-5999-9ef2-db8c11348b97", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0cd3307d-d211-595d-b5b0-3c394f04dcdf", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:313574e6-9080-549f-a768-80b81d9eff1d", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e6593033-6b41-5629-bdbf-da177bbbc9fe", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:54e66d26-37e0-5e67-987b-77b8bf63963f", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:11afc974-105b-559f-968d-ea12f08f5c16", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1ca1f7b9-edde-5b8f-b66e-6d0c3ef521d0", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c5022948-4a7a-5c19-a2ba-04fcb6802a33", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:33b2cc8a-ba52-55a7-8841-8f4325eb7821", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0d363296-5483-5ed6-bfde-1944fa983c5f", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1b3b8ebe-1622-536a-9c7f-130eb9f1a706", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ec0b19ab-1e71-53a7-992c-b8cb9090dc18", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f3686b81-5919-57e7-85f3-e6eae23aafa5", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df7cb910-fdf6-5715-8a42-6e5809cee132", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a17d8b62-7547-5e73-be32-2796bf61649a", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:40ef53d2-3862-5318-afd7-7e7ddea61cd0", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c434c1d7-8cd1-5a4f-a949-89225fd95bd4", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6ffcaad8-f2d5-5eec-964e-99e314c5e53c", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.5" } ] }