{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bde48779-6388-5a8f-8d6b-93fbb60f2204", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper", "version": "10.1.18-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:03c7e292-a530-5954-8305-45ba1f0f695b", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52f16979-46d4-5ecb-9d7f-b49f7f5e7dc2", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0dc82073-f09a-5eb4-9ff9-7c9182027de8", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a432956b-afc6-513c-97cb-0e122d7d25ee", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f370a95-ceb9-5834-8780-88c333d278e3", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d351a39-4805-52e8-aa6d-fb815d648e84", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5a26c6e-5e27-5bd6-8c21-22da023db6a5", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de817cba-0b01-59d1-a8ca-da283b451694", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7b7a066-b9b7-5c7f-aa2d-e0bf5ea8c675", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fcf42604-81d6-5765-862d-0702a5555f86", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7812e961-f969-539b-ac14-b85ff84e5bea", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:370274f3-cee1-58d6-88a0-d2ba3c98deea", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e57d0298-ad2e-534a-98e0-8f4d245e8d27", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79dd8924-88a6-5e04-aa6a-e0f235502544", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb97e42c-e381-542e-971d-0dd3fc134abd", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74c14221-0389-5ded-9ec4-e1ac02f634a5", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1fe73fa-82e5-5089-9036-b7eabdb89e8a", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:755c2308-bdcb-54e5-ad31-6463186eb787", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97b47fe0-526a-574d-bb85-b1d8d8e76674", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3a61503-c975-5eb6-8fac-02fc4766a2a9", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:860fb808-592d-512d-b6e3-0c50ee5acc04", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1553b762-367e-54bf-9abf-9b3be8b58c9c", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:acfd8190-1346-58fc-8ec0-702b8258b23b", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:170fab88-8295-5011-8c90-11f36695db94", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8fc866c-3aa1-5ae5-85fb-5a9d2560433a", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66dfc720-e797-59c9-b4ca-4b67da5d96b9", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7a451ce-8575-5e7a-b4f9-8d056956fb9f", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5981504a-e0aa-5f95-bc54-73601d956379", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:190ba543-1dbe-5123-82b3-51569301897e", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b809ae4-ee84-5a2f-ab96-8685f7089073", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:579e0f02-3d44-5dba-912c-2137831b8204", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14702454-c843-5f5b-a3b4-76b50d176cc2", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.1" } ] }