{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d1e62e18-68fb-519d-8ae9-a10a8d273280", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper", "version": "10.1.18-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:76265bc4-c746-5fc6-afcf-fe711bdf9a9d", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f9326c1-d881-55d0-830e-407777700923", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52e31cb7-cefe-53cb-a4b2-1949504b30aa", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f72f114c-b7de-5942-8462-e54a514b776f", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd328634-1cb3-52d6-acbb-52b01aa3945a", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:412b85e8-8554-547c-8bc0-19b6b952c350", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f10a68bf-d45e-573d-95eb-742765ce0863", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d659cf3-c6f9-5fcb-8374-49ba2d19b14d", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb9b2991-3db0-5c1d-9aba-0a8a92ed4239", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62a04aac-ae28-5a96-8ac2-c1deee1af3d2", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af709930-42cd-5191-ab15-ebaa995eed1d", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9efd0a93-6d55-5d9f-96b8-bcd9ba642693", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42ff6d5f-424c-5fd0-9c0a-3bb339aedc6d", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:028edcbe-5c5f-5ec2-8998-ebcba06cd1f1", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa395539-1435-589b-be93-a268f00d4802", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c70bd49e-3c97-57ca-b641-13707adf5344", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28482fe8-611d-5658-80db-059ec5da7681", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51cb6943-c1cf-5eba-a793-a13ab8f4d171", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ba3a92a-eecb-5ac1-8989-1944203614d3", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db967e28-9863-5773-8d30-325c290112ab", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5b09f65-7200-5b01-9a74-e08c0f98a089", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ef0eefd-eef2-545c-950d-50b98191db1f", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4df1d0f2-06bf-5104-97d5-148e7e8e47d9", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1285590b-7bd5-5b06-8ae4-4144a2c04e7b", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79f13317-fef0-5b07-85ee-81e6683bd4ed", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01b94376-b4ef-5e2a-bf64-ad343dcedf2e", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1499e9f-1b15-523a-8e39-09df7295ffc5", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5b80184-6442-5468-a9ad-db219b658177", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb07553a-ff66-5fa0-bca1-e6b14c2cbae6", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:faff4eba-dff8-590c-8e2d-da65891e9c52", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fdad5af4-f2e5-5669-b9b4-584afb9853cc", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ef8271d-7bcc-5648-a7a7-97f6d20d96a0", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.2" } ] }