{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e3fb3e9c-d51b-54be-9428-71610806ba21", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jsp-api", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7e454297-8b1d-5d80-84d0-01c23e740b58", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96007e82-7995-5a0e-951c-292ee913cf8e", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:85a1f7ae-8ebc-5f30-bb1f-b2e1834f259a", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f802d14-05cb-5a89-92bf-258b0e200a69", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a1c96252-2cae-56a6-a87b-fd812d869d21", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8488c724-c9a8-5c29-9f31-2f3c35d23028", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:44ad4fb3-1a0f-5d2d-b897-a2e0b5f8618b", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:29edb748-fb52-56c8-895e-46c9689778a8", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0c2a19e5-28a4-5517-af39-b6f2b0bd687d", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:95c2b82b-1879-5d9e-bcf0-eb1feb935dbe", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d81d968d-1e18-54e6-9378-6c32a3870236", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9230b4e-d31a-5cc8-bb41-c77de714554f", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ccb2eae7-e874-534a-9136-9618a4bd1e86", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:011eca65-f4ca-55c0-a856-b94bb0968850", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dc26a779-a34a-520d-891d-16ef36006257", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:abe69c8f-43e5-5380-840a-748ca0106a66", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:261e7d59-2065-5886-97e3-1aedf5a8503e", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ba1c8bed-de97-5e54-b3e0-bb1e13eaf7e2", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2cc271a1-9c6c-5566-a23b-e1d4f25f5dbc", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1f07b64b-0e34-5d40-851a-8d35505a4fbc", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e230c645-dc22-5c68-bd4a-f0a6028a1b97", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f99a3350-fb70-516f-82f8-9e666f7aa536", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f2f666bd-366a-55ce-bb1e-20db7fb769b0", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:50406215-89b7-5546-9430-22a5219699ae", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:472777c0-5a80-50f9-8c05-5bf827b2c70e", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:24313616-d29e-58f8-a27f-087f8cd67631", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1cd10d00-d11e-5ac0-bd5c-fc42683f9579", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c59434b4-61f3-5f98-b932-63a4be2abf1b", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:47063d8b-802e-507d-8ce3-27d14b6f8ea0", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6117fc0c-275f-5ae4-af45-ffb4d28a08ce", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f170f1db-8913-5dd6-a400-4e074dc43de1", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:90d020fc-2577-55d9-8de8-78a520be83cb", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:45899457-5340-5621-9d32-4b8dcce5c306", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@10.1.18-tuxcare.4" } ] }