{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:329b70bf-ab58-5049-b48d-a85e295f90b2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper-el", "version": "9.0.50-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:65f45ca1-9125-5102-ab2d-f477ce09dce5", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:eafdd085-657c-5e67-9745-7eb98a1840ba", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8bdbacd0-8c74-52c1-a418-36031cbaccb4", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:17eb1a42-cdad-56c9-9588-da113a905bc4", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f2006914-37c6-58ca-928a-cdb08989a71b", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3c3d2adc-485f-51f1-8b6d-9cc995956d56", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2699fa3f-c0a3-5c72-94dc-24d762dd7c22", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ca573d86-1ba0-5205-908b-7f3776210d62", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9520992f-0396-5bc1-97e4-b695c6595f15", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:78215485-0acc-5338-b28b-fa9a0dbd05b9", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e6845d20-4ae9-5cd9-a7c3-80bf530ab7a1", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2ea57fc0-3fed-59cb-a3b5-6c93b49c1617", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1c4405d6-8416-5a11-8510-5364e900655c", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e8092935-0863-59c1-bf21-f85851c74f59", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:77786997-aca4-571b-afd4-3aee05dcf6c5", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e9f723fb-8a61-5435-b794-07c98c76b6e3", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:467c85e5-f406-54f0-8b9e-92bd9587d686", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0397c447-d637-5036-a8c9-3c06d004caf5", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:eba53319-f117-5472-94f2-517ce4fbc7a4", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1e49d026-956e-5ad1-a79d-8d319be5d94d", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3a264d3d-0244-5496-9052-4b5fd86c76f0", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b7bfe6be-35db-5bec-bdba-1fdafa68d2ac", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cde52274-d196-5a9f-8470-d7a69cdc235e", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d384cd2d-aebb-5842-9ccf-a4edcfd8c622", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4d540911-6db0-52f0-812b-c55b85f4febd", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3c924e04-49ca-5233-be5f-fcd103ccf858", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f14da9d3-89b2-51ed-8bca-22288883751f", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:86162264-7b57-5ceb-8e5f-af892492baf5", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:92f2b6de-5436-51c9-887a-085371d39294", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5e4a0a2c-6a0f-54a1-84e5-3f92bd519938", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6b3659c0-2011-5032-a84f-197b46561bdc", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a1ccc1bc-ffa0-597c-926c-f108768c8964", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7b6aba8c-e5ab-5375-b00a-4fbd2e195de6", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:14a21032-3d86-5dfb-bc58-f34b0f49f283", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:23b7f4ac-1b40-599d-b299-9efbca7b3318", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:eaa97799-1803-5d39-8f11-b81e219fafff", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:21ccd7a2-02b2-5dda-9c67-8f2b7daeeb7d", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:98abb4b0-206f-53d9-a15e-54efa97a8b6a", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:074dccf7-f0fe-5bf1-83a8-314c8ab08831", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2b9157da-cb8c-5150-9067-6db735c08b19", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a790b8dc-8771-5b51-91a7-391a2cbc20c0", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:39cfb3c4-2895-5a35-bfe9-dbf119734c87", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:01e14916-cceb-5735-9a4c-632061f9149f", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6294dac2-8e09-5ba2-ae6b-f083d5bc42ad", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8ecee8aa-b69d-5c21-95a6-988210eb99c4", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f9b9b542-2636-5e76-a334-4e1c7079e456", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7eea334a-c2a7-5391-a5b4-6188e091c559", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4ce602ae-9119-56e0-ae0b-3ba864d91369", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e2cf2fb9-7f53-52b4-b787-341a97e55d5b", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0f36f9be-dc8a-577b-949e-092a8ae2eda7", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.50-tuxcare.6" } ] }