{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d1fcd7a8-d70f-5326-9589-ffb234edad22", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper", "version": "9.0.46-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:aa89df9e-6b2e-5a99-b4a0-491b1679a1d4", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f4806fc0-0666-5762-8d40-7ef888572177", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6950240b-77cf-5229-a5ad-d9d37307ef46", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9092aee4-f2c1-5caf-bb10-5cbd6f95b79c", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b302a0aa-75f5-5fba-979d-ef4979097b8a", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:47ec70a8-56ee-5d22-b11f-843289f06147", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:64dfa669-aa07-52bd-8ee5-11ada989dc6d", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7fb1147a-7597-5e53-b917-657db709b967", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ab3df1e1-3d5e-5e95-9e50-8de8ce30222f", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a048bd0a-f6d2-58b6-b496-0a03f25fd4bb", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5741c168-0512-5216-8b8d-69d870ab472f", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2175c6f7-aacd-50b7-afe6-0cee815896ce", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f3f2c4f1-4801-5efb-8218-9a6c1584c54f", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4edb5483-f77c-57eb-be83-a068e25d7a9c", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8bd644c3-3e1a-5d9a-bbbb-1d441af0c203", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:197b6dd8-9da0-565c-a81b-45443d4f3b18", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:309ccc80-e88e-591c-8cb8-c7b392da131d", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:073af7fa-bfe1-5bf3-ac2a-56f293c58e9e", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7d10a800-6916-5cf3-96a8-1021ac75c5f8", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e76289e0-c410-5f0d-a871-9779ab24a62b", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:61a0e272-7a03-5f7f-8ce2-965716f67be0", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:81400bef-ff2b-5de4-82f3-c0d06b62b413", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bbc4e9d3-924e-51ca-a57c-fc12bc4d6f03", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bb4e7893-e045-57e2-a86a-cfc74ca4d116", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e0188311-81b2-58e2-a6e6-30b501278442", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9cbb73df-fd42-5d42-acce-dbaf3f6833fa", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:05a260ec-8bd8-554c-8468-dd8cfa60328a", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:38233ce1-50ba-523e-9c95-764257517e6d", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0e0abe8e-d686-5661-942e-eb7a8b68a8f3", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:86dc56db-78ac-587c-ab24-6fb6c163dee0", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f700447a-89ca-5197-8bef-21d44001be85", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:72145657-18fa-5b5d-a321-256c6f90bf84", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:48f8be3e-699f-59e2-a9fd-ee993db7c8f2", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ff630662-39a0-5223-9e26-efeb7c3ab6b0", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2e418b96-0992-59eb-9e34-47e53b2dac6e", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:658535c2-c1c1-5ecf-bb2c-f6dd9039afe4", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8d2c2de4-ba30-535a-8672-62dabb73adaf", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:21390ff1-ebe6-5be1-a4f4-2c8bd12e70d7", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af4526d7-a5d5-589a-b1ba-9dec3f1ae1fa", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:42fde373-24cb-5911-91d5-c4e9eac368b7", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6cd7a814-14dd-589c-91d8-8aad2b74b2d5", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1827bb21-ce15-5564-8e60-6d2ac98b0b32", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e474a527-fac9-59c6-9cb1-eabb0dd01a2f", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:73eb4925-363e-5976-af9f-b110c785cc9e", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ec2ac94c-488c-5413-9c9d-5c04c0fd10c4", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5ffeddba-c61e-57f1-a2ed-00a933cc2acc", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8ace44d2-4e0f-5be8-9d6d-5eea2fd35cef", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cfbbf5b8-2608-5f44-8559-fe3229c66190", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:87e128bb-2bbe-5239-b197-bb6a433e9cbe", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b2bf1abf-f217-5528-9043-59094f544aac", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:82b40b2d-37a3-50c8-8df7-796f04afa74c", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.5" } ] }