{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0b78d8f8-6cf6-568e-bf64-4353ec89b947", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper-el", "version": "9.0.100-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5d78385c-3bd7-596c-a756-aac21636e2d5", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:297d3cb1-ad22-5e9a-b20e-4198302e855e", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3586bc32-1034-5740-85b2-fbb81b6fcfe7", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef575a17-1381-579f-ac58-661ad428ff0a", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:13a740cf-12f4-5bc2-b6dc-2d565869092a", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a7fae61e-718b-5c08-be22-a48839782708", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c20d98b8-63a0-5586-bf74-e8ba4b7af1c9", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e27c2f9d-b36f-5017-97b0-40b59146eabc", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bfeb41bf-6ab4-567c-abac-535e52fb5e72", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ab5ad697-6b7b-5e62-ae7d-bf0f6ead1f5b", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36276718-e9c8-5ff7-9b4b-2d5d5d3dbdbf", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce5f2ad8-a80e-5186-bbeb-0e94c9a9f238", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:92e5fd39-2a81-5638-bcaa-8a8a99b097f1", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:547ba5bc-b511-5a82-9753-ce9e8eb1e4bf", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a5703995-113d-58ad-a969-7d87ae180de3", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b22286e6-db44-512e-98f5-adecfdce4647", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e24039ef-62db-5af6-9f34-e85fe55a1dab", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cb03f1eb-d5dc-55ab-902f-1ddf7f1d4272", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3072ae4a-994b-5d7b-b10d-5c73c98a7883", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e95a1637-37fe-509f-91eb-e4fe5bc65e8d", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e3951b40-b59a-5feb-a0c9-7eef809650b8", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:91a568a8-e933-5db3-a9b9-5d47229a60ea", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4fd4cdbc-5796-565e-a3d1-dca0d6aabaed", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75d0f92b-0d58-524f-92db-30ef0867c835", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:459704fd-c5fa-5980-b54a-bff10201482b", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e01f2db7-a30e-52db-9746-f871f4b92c84", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1194c154-6f2d-5129-b1ef-0c619f908d37", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9fe50269-2270-5de2-a1de-452717ab8764", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2794215-cfca-50a1-93b0-42b5a88eb0cd", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bc4c8bd5-6d42-5c81-bf79-d3c9f39f20c1", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:294ebde4-4652-52bb-8fe4-bd179634d444", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f028d890-bc5f-5e48-9605-4ede354d1b4d", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e87ab3de-976a-5437-aa26-e4a6805f7d1c", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cff5c9f9-a3ad-5480-9c56-30efbeec7a79", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ea5c09e-bbe8-5ab2-b422-2de6b738cb91", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fce23b72-9d6d-5838-9de1-1925113cb4a9", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.100-tuxcare.3" } ] }