{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bca7582d-1efe-5859-a9fb-3e57014802c4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper-el", "version": "9.0.75-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3124606f-7551-5955-b121-dd71e07d361d", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d1336730-bd74-529d-9b7e-fb8f7ea008fe", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1bb628b2-a39a-5aa3-835b-a0687f7368f3", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:158a82f6-b9a0-5d8e-83cd-25920c774078", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:34332156-68d8-5aaa-b812-b47c440776c1", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b949c00e-7bd5-5b88-ba01-bfbbb3eaf40c", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7f41892a-4c02-55c4-854f-b7c404fa93c1", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f5c0584c-5ca0-5006-a837-d5e785691d6a", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3161053d-3887-5f94-ab08-f5eb73597e6d", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8d5b408f-c989-56c3-8182-2f21f557b61e", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7d2939af-7f3b-53cb-b356-7042e4d1fb01", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d4b100d-cac1-520f-848b-c8aeadb84f75", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3c5623c9-0681-5cc2-a879-78641c54cc29", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ad5511b3-a3a3-5279-973f-892580c20ade", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:acd19e11-420d-5363-a180-76f07ef9035c", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cdc2803b-8567-5a17-a25e-9c0cda2009ab", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:66e4d2e6-c3da-5079-9c2e-1e778a600875", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:00ca83b8-73ed-5d57-a633-03cc981c075f", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:578b9987-9fea-5223-8ddc-6675e920501e", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ba4a627e-b4a7-5864-b5d3-02b7e78523fd", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f9cfe92-6150-5957-aae0-abed16881f7e", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0bb5d282-8b49-5a83-9fdc-28e2e40ab525", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5f5f7a39-dcdf-59be-b520-d4da4a5d121d", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:845b67c4-bfce-53a2-b4c1-e65b72d536b3", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:23c41a17-b418-5f60-99a3-eca305f6fb2f", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0fc289f1-5f94-553a-a189-d3d4a37a2e9d", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:15594355-c2b8-5af2-ac48-49b7af0a2ea4", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4c83c05b-0835-5c88-b992-27f37cbc3962", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ee7346af-5810-523a-aff5-8a5b63d72fd7", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a5e4a422-e746-558d-b2a6-801d6ce35394", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4fa176f6-3f95-5cc7-a2f9-ea14e3ae2d19", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:685b3e24-f750-59ad-85c4-017ef83b824a", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c8fca853-d60f-562b-a9d1-7e79dfec80dd", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bce6854c-08bf-5a95-be15-9cf5789bcc91", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:27d4dca2-6b82-55ec-853f-8399ab507fa3", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:21d6e6ec-c4e4-513c-b96d-0e446e1dfd2d", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:02d0e8b4-e896-587f-8579-08d896b86f2d", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:19b1b2d7-dc60-56f9-a3e4-bcfa6d773f38", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:55afbbef-06c1-5665-9f8c-aa4fc7319f3e", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b56182b-0fb6-508e-aac6-86003286e8fe", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8c62e3d9-1c96-5e29-8a9d-de594f915fd8", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d0d7354-24a5-5ee5-a7bb-d13fd8f2fce5", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a148fd65-74a3-5d21-af83-a665a29510b0", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b01a5a0-1992-52a5-8c25-1aefc02981a9", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:070822b3-4bf8-5b05-9ba9-6e3a02b43c1b", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.4" } ] }