{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1276a38c-59c9-5b65-9dd0-72eab536a11d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-jasper", "version": "9.0.90-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a514882f-ab79-503e-b3c7-2df2e8a53cfe", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d76bdbb-f75f-57ef-a176-20b4b23b0b1e", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9def62f-32a6-56cd-9d5a-d5489eb9db74", "id": "CVE-2020-13943", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe66da6b-185d-529c-83ee-f553bf3063ca", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1bd94b01-c4af-5805-9fc5-c29086186a63", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d1a0efd-6869-5acb-90c2-41e7da5f5d82", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a8474c3a-e254-5ff6-a8d4-58f5109d1479", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c27289d6-65e3-5edc-b82b-5f5353f82c76", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a5b1d13-2193-5708-b23d-50bbbfe9b109", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b3cdbda-3fd8-5b8d-85ed-2e5fa3e00b65", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9447e32a-63f1-5d4d-82fc-30e8e3eb6a48", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d20347a-7c94-5915-aa55-bbccaad0c6e2", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a4c5885c-123c-5ab0-8926-7710447e3d9d", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:53d3e31f-62c7-50cc-a7ff-562f12af6ba4", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac29c212-a92a-5b26-8e2e-4e5439bc92ba", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed1dad96-7a2a-5452-8606-c016ecdf8d26", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43f8563d-bbfd-5b6a-b8ec-8fa9a49436ac", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7964999b-935a-51b4-8604-30d91699fc99", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b7cefa1-fe81-5ac1-a9ba-87ab57c6073d", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7b18a305-0788-5168-a305-2ca6b1e20106", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c59e2bc9-3281-5398-bfb1-e22df53b50e1", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f69ec07-c544-51b7-a8be-474495844f93", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:61f9367b-d62f-55b3-99bf-96596f87de93", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2f62d73a-b7e5-5998-9436-cfcb1321461e", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb141901-a24a-537e-8b29-5e564fd5ea60", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b1c86a1-db44-58b9-a8a7-24dbaddf277d", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7fd806d9-d820-536c-8065-538a1a50c968", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:829f893d-da6b-5bec-b76e-72317ceed24b", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:01a0eb95-ea2b-59aa-b479-4dac1642b79c", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:decb13f4-341c-51cc-a04f-a7174ca9fa14", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ee17642c-a8a5-51ac-aa0b-fdd00fad9220", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:055aec24-bdd4-572e-87eb-68f0365ee6ff", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:920edaa0-9a71-59b1-9944-a27fd7b67591", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef2a795b-8b71-5d8a-8dc9-8e39b7f62cbc", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e089c155-3a6e-5f45-bee5-8b5cbfef0898", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c31adb30-0505-51a9-ab51-44afa98ae324", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d90eb6c-9356-5980-b8dc-e5d7ed73541e", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ecd4c37-23c2-55da-a340-acfda6bbc97b", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66abae24-620b-51da-951d-33e93068a954", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.90-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-jasper@9.0.90-tuxcare.3" } ] }