{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:955247ce-e9b4-5f19-b73d-a575da18f87a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-jasper", "version": "9.0.87-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:10d8df02-8cc5-53a3-aa6f-9c938c270ce3", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:264a2b64-dfa8-5992-ba4d-05c790e51cca", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6079d8d8-5152-5cd1-a066-32225a9b79d2", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b3214f2-d99f-5268-bfda-ec98822472ff", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8bd162ca-5776-5498-a917-b9ff8266944e", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d9b003f8-0fa2-5383-be00-c8385df79950", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3a3f529c-827e-55ad-a73a-11b9615c2e93", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cd83f610-392a-578f-9778-a8918f722340", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b9688f1c-ce33-5c40-ba46-038f137c9570", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8ffdad1-bce4-59a9-81fb-82295e4d177b", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c4593366-5bdd-5f18-96eb-4ae9e2b53c42", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c199e8c7-3e2a-56dc-92d4-e8c7a6c81975", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a580c96b-8586-5862-890d-bbc2af6c138d", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1357e135-e0b2-54f6-87f0-640d8d38fcc1", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ffced5c6-3c32-5d67-840b-8f960bbdfe33", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:16cc5626-87d3-5ab6-9f68-f6089467d87d", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cc837b4f-74cc-5311-af6b-7d2ef2746537", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69e4178c-a92c-5eec-a327-0ba7eb700ec6", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2ee48c0c-525d-55be-9073-ee5e5d382495", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fc417e0f-422c-55ee-977f-2b48ab14f56f", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9d669bcb-1fb9-5c72-9ebe-be139b5f8b02", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:773fc906-8dea-51a8-9e3b-99f36050703e", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cfc8a49c-8690-5db8-958e-0ff004af8363", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c59265e2-7bac-536e-b637-9186251e1072", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0cd6305-dd62-5124-a118-db6bdbcf6c41", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7f00d0f1-44de-5a44-b72d-399d9a84c5ad", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c99a55a2-4e75-5e0a-b43f-d5837fdf4caa", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:15970453-796c-59e9-88e7-1cc99aade1d4", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b28b7366-41aa-5aaa-ad1b-1d2305759b9f", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:760c8be0-82fd-5182-a92c-451141019005", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:027eece5-50be-503f-b1bb-cccb030f5220", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4c6c5729-73ab-50c9-b179-7215cf076c0e", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0c8b0a93-2f2e-55b6-aacf-a0f450c14242", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:205c67b3-7892-575d-b72a-de7af222ef2e", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:81cab8da-49f4-5a9d-af2f-59ffa29b8c12", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:35e1e590-90b0-52be-a4ef-feb02a43168b", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bdd4420e-4b89-5314-8d43-f7fa3ca59323", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f290950e-2251-5466-b7b1-675686814d32", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:71e136a0-ca55-5b10-9494-aa0cc4f8a8c6", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:93959ba1-a030-5835-9ec4-e02cceaea4ca", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:821b549d-3d64-5de7-851c-0d008f54584b", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.87-tuxcare.4" } ] }