{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2bd2113e-1729-59a5-adb2-44c635afb51c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper", "version": "9.0.100-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f8df27ba-f595-59bf-90e8-c4b60aab9ba6", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94f144ed-e991-54af-947b-c9a3fe2ed929", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa4d0460-cdf3-534b-9151-66e45a25652c", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e694098-85e0-5768-9b59-09443690ae05", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8884c8b0-ccb4-5d1d-afa3-88777363bd59", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e4807ab-5400-527e-88f9-71c583eb8269", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a2777f8b-bbf7-5bde-ad94-38e93ae25642", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4fe86ab0-c116-55f2-b0e6-96d0861ca07e", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22bd3bda-8d9c-512f-a5ee-f34a18227160", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0869f872-83c7-554b-92fc-ae52d0a1ea71", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb7450f3-4d2b-59c4-8065-395aad14a951", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba49ea1a-93ff-5d3f-b775-87f12ebea319", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1806f029-d7e6-5637-9dda-4e7d4949ca21", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6782739-e0cd-56f0-8128-40ca0760e79d", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f70447b-17bb-54f7-bf3d-43001026bafb", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a90bc95f-4b7d-5e2e-854b-d784ceb914e1", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6386f80-0806-509c-924e-7a386c7888ae", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cabf3739-3fa9-57ce-8b55-0deb389a1bb8", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0864934d-da61-52a6-9e1c-773b3fcef32f", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:deebf1b2-a955-5974-9f8c-7a43b94e73bd", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8657c085-c202-5a12-863e-32172d590de5", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa33aa3e-11bf-5750-90e2-df912ec22916", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7fdf192-cacd-52bb-bb94-6b709a1024bc", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34de341e-898b-5876-9131-7f527e4ccc83", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3fd744c-e17d-5d34-9115-916326504d15", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d903bec-4306-5606-9f1e-0a7b68c404a3", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9132df09-76cc-52b6-9eab-36814c8d6037", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:82980c1d-b88d-5bfd-8651-bc0ebec7bcf9", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb603567-ce81-5558-85b8-97ec6c5e019e", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3665626a-17ba-5c0c-8639-524c09271c79", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2de29ac3-e315-56cd-80c9-0268aa80301d", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ae8b7b4-0812-5665-82a3-9157cb998a78", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfa63878-109b-5286-b794-05f6d7abec69", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c540cd4-6df4-5dd7-8804-f3e469373fd4", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96098584-53b7-5a66-b7d4-2f965490a23a", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfd10db4-c47e-5ead-878a-9fe771ea9fac", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.100-tuxcare.2" } ] }