{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:72aeda6a-bcd4-5aea-bfcb-fd31d0e9ec8c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper", "version": "10.1.18-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6788fb45-b17d-5d2c-b401-ddf47d6a5c10", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6b9ff9b9-b294-5072-a985-641c74056498", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:443c9e01-6859-5c5e-80a4-97510afffdf4", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:90d024ca-d6d3-52c3-ada4-77bbcc64df00", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ee9fa55-7185-5a5d-ba37-9d144b69c405", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:710a48cb-f883-5bf4-acac-cd20d82eb876", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9cda8036-d156-52f7-9f8e-ced9d382555c", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7a81a26-a72f-56b0-89e0-44e5767396e1", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb5239f1-515c-5477-9ff7-7b4bb37a09ab", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e00d9609-b4f2-5993-bb9b-d322538ec5b4", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9721cc32-2349-5064-9274-1a11b6cd391f", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0033107-f1a2-587c-b7e0-e4a23215935b", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b02d2db0-5a3e-5f32-b0cd-7a64f4427323", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e6505656-a21f-5e75-8488-18cf262e9e00", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e2314fd-6e44-5446-a15e-edc374166199", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66ff97d4-563c-5ec5-974d-fa78f3bd4211", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e00ca1a0-991b-507f-bb4d-15e7c44e14d3", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f3ef35f-11b3-5b19-8626-99b5e2031382", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1109743-7948-5523-8309-60f7b288f9ed", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aba83ca0-323f-533e-9756-134f9b5dc3e7", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63baea89-4062-5a04-b910-359d03606630", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:578f7c18-9987-5f3d-8d71-9d89e0e5e366", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:79d2b817-2343-5069-a6ca-f86302980f26", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bfdf6862-1f7b-56f2-a401-bac2bd98e725", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1043e006-e21f-5264-adb2-e6f404dd589b", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed70b9ab-038f-5624-accc-7eb473cdb36b", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b29aa13f-e6f9-5c05-8eed-7aff7f7cc3f9", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ee104ce-3ae0-5c04-a72f-a2f58d612d1c", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb7aea56-0137-53da-a5c5-1dc6ab4908a8", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8bf8ff0c-89ff-5ee5-8fb2-e5a2d21a6833", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a0c2c98-3068-50f7-a4ed-5efb6bd90f69", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1accd00-5ba3-584f-b3af-cb1e5e20cf9e", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@10.1.18-tuxcare.3" } ] }