{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3ba57b8d-8bc9-5765-a271-8630df217b31", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-jasper", "version": "9.0.90-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:670c323d-b68d-58a1-bba0-5a781ca3d574", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fd63553-e8c7-5314-a451-0e6bc764a6a5", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d77b2fe-b807-5337-b6a7-b5818d490020", "id": "CVE-2020-13943", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f71a992-43ad-53f7-a0b6-e22ea45e3994", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70ec7701-001c-59db-ad54-980f844b527e", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0108e8ae-8ed7-545a-8b4d-02e64f564879", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:311b4b44-f7b3-5efe-8f08-a0a3e6af0d28", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:caa4f1d2-3c8e-50b1-996f-002d55ad3a39", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6552f6fe-2c71-5ee5-82a0-f73bbd428e27", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f36c249f-551d-5002-b6fc-83c2b5687aae", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1b50530-4245-5686-ac29-a28d0a3c86d7", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6a6a1a0-4766-57c1-872d-bd8372d42860", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73ed4deb-ce39-5476-8fd2-3fd5d3d942f9", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d409a5b-2091-5a33-add9-1aad4a3946ee", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8233b443-c5d4-57dc-9883-692ccc9762b3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71556ccf-ac9c-5a7b-a0f6-f4b0d1808f9d", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28c8f83f-f14a-50cd-8d4e-d5b2ce5f2630", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56d4c863-29b9-58e7-b3b2-02aa64d4eaa1", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab84edfe-490a-5f83-a1fb-307d21fd0e02", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e54e17ba-78a5-53cc-a227-b2e565da79cf", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:074a8f09-7e19-50fc-8ce1-55c89644ff45", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d283fcaa-a0f2-5b67-ab1f-b1fa0993d860", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:556e1eba-f1e6-5ba3-b953-2031569435a3", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7c6fb60-ff0a-5507-906f-7096fd9c5dbf", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee5dc7fd-392a-5191-95c2-504452d33926", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af27020b-2b6b-5b50-b998-a2479c38301d", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:755dbf4d-de40-52b6-a2ab-8adf40b6eb1e", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7e85601-3c45-5590-a754-4a91d00b0d4f", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7ad49a3-cd9b-52d4-b3b5-9a54761cceae", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1704151-5b04-598d-a3f7-9dceaed14197", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72a603f9-1ed4-5966-997f-1c5f38cea909", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1462d3c6-4e1c-5a6b-9776-464e471e3936", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:827e8c5b-a559-5284-8c05-d3dc05856dd4", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b4fd558-44f9-52a6-b096-eaa72aea0ef8", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a34b1b98-4cbc-5d06-b33b-c8783c54f481", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:651f1a00-2145-5903-8551-b4f6137d7429", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91eb2133-8133-52e8-bd3f-2173d208f8af", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5c9f118-df68-52fc-9f7a-12bf37f496e7", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b076465-e26f-5bcb-9742-b9097424b5a4", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.90-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.1" } ] }