{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0186c04b-c04c-524d-a1db-2791b36797ea", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper-el", "version": "9.0.50-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0eef9c09-84f8-5c1d-81da-d65f9615d734", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:866c7264-b9bc-5d70-a249-60d9fe204b6b", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ac18c32-9f19-519d-8d40-b674a0fd7c23", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3dae5e51-b0af-557c-8947-0ca53b84804c", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ccfa90ba-28da-5073-8aff-774bd991565f", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aaba665d-938c-58a9-bd06-854c26cb6b0d", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f783d843-8579-51ea-b70a-105fa27774e4", "id": "CVE-2021-43980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43980 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5abe9845-d7d8-5a3e-a6ed-b48579c42269", "id": "CVE-2022-23181", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23181 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36644786-26ca-5eff-9a1c-8578e073ffe5", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9c485d8-3e55-58db-9a12-5a56f1028d81", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c526fca9-412d-5898-a9d6-d7a2b1c093a2", "id": "CVE-2022-42252", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-42252 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a9b7cf1-725b-5425-9663-b2e18e5256d1", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a7fe6e4-8be8-5db2-8e86-fa7cb90f43fc", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:835513be-525e-59d6-83ef-31400d168f2b", "id": "CVE-2023-28708", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-28708 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a0e88dd-dc8b-5c63-9548-5ebd75612dae", "id": "CVE-2023-41080", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41080 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c433faaf-994c-50e3-be3b-cab4f79d3239", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55cc947c-4d51-51c2-86b7-c966f1aa102f", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab11975f-441b-5d46-8b38-00ce729bfdf7", "id": "CVE-2023-45648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-45648 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86c1bad8-f3a5-5816-a356-861d670ad2a7", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aba7c7e7-401c-5b4f-a069-e042e58c1e51", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e388e50-0a0b-5784-b32d-fb8b56172723", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05602099-4d49-519f-96d1-2ed6d558796c", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cafa87ec-12d6-5fe4-8660-3b4e55f67efd", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:240105e1-a37f-5e2c-a11b-614d3a5a22d4", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7f585c8-3a50-538c-ad12-89d0589ce32f", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f936a4a-d42b-53b0-b8b2-68d4ae2ecb2e", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:776e511f-632c-5e17-bf86-aee634ac8cf5", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:930fd533-0b71-52e7-beec-aeb026db170b", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d498a7e7-6d5d-5809-9905-d2d4bd9a5002", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4221827-5ed2-59b7-8c65-eb5d2b384038", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af838072-f8e8-530c-aed0-52b3211512ff", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b199e4f-3d34-50c9-b616-4406c1521964", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:515c7eef-9dd3-5fd5-b77a-230b37f2538e", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba34f0cb-34cf-504c-8505-b6ceaece402b", "id": "CVE-2025-49124", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49124 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b10531fa-243b-52da-8705-11ed1bf71e51", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce77bb5f-fb46-5ff8-973b-62d26e7f6216", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8f8a6b5-cf7d-5c59-ab7f-79241be16f64", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56e4dcbe-8cd8-54e5-be1f-e4da2a5f26f1", "id": "CVE-2025-53506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-53506 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29771cf0-a79c-519f-9243-e81b746dbe25", "id": "CVE-2025-55668", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55668 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6732efa0-5ad8-5191-8727-c37a593b20b6", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74066e4b-c78a-5927-830f-557fe34cea40", "id": "CVE-2025-55754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55754 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e715027c-cb6a-54f3-9425-7bccb2ba57db", "id": "CVE-2025-61795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-61795 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58c33c29-a1e0-5604-801f-575a0b1f2903", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cfd59a5d-0622-58db-805a-fad8955b61d7", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af014230-c5ae-5e7b-a95a-fabe088e5fa0", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:354f8710-51d3-53d9-a92b-2e120808df53", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5925b448-ba21-5584-8731-76f143dc3f98", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f06e8e5-30dd-5c0e-8141-b9d3636bf145", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ebb4c7e-5a70-5f47-ac2d-a3e729cfc42f", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39565a78-24a3-5c72-9785-c873a25b9528", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.1" } ] }