{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e16bc966-9feb-57f7-a8f9-8507769bc0a1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper-el", "version": "9.0.75-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:70b0f7f8-fda8-5fc6-8f68-c28d17ce4855", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e3d76363-e4f8-5c79-ab1e-9c4599637a93", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:66d4df14-2421-58d2-9daf-6b654987a081", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0c0371eb-c37c-5749-bfd3-66193609b3fa", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:75d1ec80-13d1-5e55-863d-a1859bebb675", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e5c97a69-8955-5667-8b8c-a9e267d54f1f", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c685d246-e107-5a45-935e-4fa5cb05e9f4", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ff5522dd-506f-52d5-b37f-7712da338272", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e29d3619-97fc-5b61-9ddf-f8ec2c0ce78b", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:84d364a5-36ea-52de-be72-495fc758b440", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:400c5847-279d-5a8a-b203-1229a3029815", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c8d471da-7509-5335-9a1b-9fe14898f91b", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a855060c-6d67-5695-8e8e-ecaddbfa82e6", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e1b1ea75-7c60-548f-874e-a2a86509e530", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d3174cf-5ec3-569d-b705-bb4fc78cd8e4", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a8cf73d8-8d3a-5136-a957-08cfaa3f41a8", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8b11003f-58f2-51bc-a7ce-141b53ef9368", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7a2839d7-4afd-5847-abf2-fdd4724f727c", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:97bec961-04ae-586f-ac0d-f2f68cde4e8c", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a654299a-0e32-507b-9f5c-6f6b6c5f6548", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4f900218-6db8-5a32-8b44-dd7a41bd3432", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2d181cf5-1fe8-5102-b5f0-a84034be4179", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9ac9176c-ebc9-5dc6-a0fc-9b366a1d0d33", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:48de9e68-cbd3-5058-ae39-0c8ca36a2b77", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5dcb6e94-89eb-57de-987b-2d09c225ed19", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0a374035-fe7f-5554-a9c5-dd8f937fe5ff", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:432c1a1a-fce8-56a5-bcbc-f97ea65cf919", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6944504b-f51e-5e43-a10e-e71f88f396a8", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f5c8b723-544d-55bc-914c-e77aada4b0cc", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e46f3ee5-3f6c-590c-8c1c-32ef9095b8c9", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:65c2db64-a30f-55fc-8c95-0b610a75179b", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ab953c4b-7822-57df-aaeb-5d68cbaa2e32", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7f309574-574f-5b23-8265-ed6cb183330a", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bb84dc7f-453b-5286-ac02-b5a90dc4acae", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6cf64c70-377e-5e9f-bee3-7f8b0b9587b8", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:752f8f55-33e9-5f28-b979-fce41b9ab30c", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2266d5c1-5564-5ab6-b411-3b6b78fe85f6", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e89b74a3-7e5a-5e4c-9ca9-6ae656c44326", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f264aaa3-303d-5773-9c61-49c5c74cabd9", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:40fff354-8f62-5300-b201-817d117c36f2", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2d8ac17b-ad09-581d-9575-099dfc49811a", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:40dfd35b-fc3d-5cb7-a44b-aed7682226f1", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ae2900bb-b858-5771-88da-3bb1583ae861", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:78a1882a-941a-57af-a36e-72cad1f2bd37", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af227018-b160-58e5-bf36-3c12bae01bae", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@9.0.75-tuxcare.5" } ] }