{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b2edab57-7f54-56b4-8713-ca36969dbefc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper", "version": "9.0.46-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b1d40bea-661c-530e-b1d9-7d8f4c530b5f", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f6aee32-adb8-55b1-85dd-ba7a67fb9159", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:106e6c17-7daf-5be9-a8c4-731c84132034", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11fd25a1-5c88-5c4b-9020-93b34fc0f5b7", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a19bb0a-24c9-5427-85dd-dadafff02b11", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54102727-98bb-511d-8ec5-a502262aea0d", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:510d01a8-659a-5115-abb9-f2be74835719", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f298fb5f-5c02-5c83-8552-04f2b6976b21", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db9d3860-3565-5f9f-9587-1f9523e89c1d", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d12296d8-dea9-5bdc-a6b0-466f4aa951fa", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92cf2419-58d0-5e6d-838e-5cc62b49fd03", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10b23924-2ba1-5ad6-b57f-622b7db6f14d", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18d2b409-7221-5e7a-a3aa-8d0e83e93deb", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4132414-3048-582b-8e21-7b25170cf0df", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4ea98ce-6b9a-592c-89d0-22b130268a0c", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da842bbb-0a8f-5f24-81b2-dcac64aa3803", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fa8eff1-d375-5c35-b788-968b3f112c5b", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc656f25-3610-5070-8d1c-17d125429594", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35bd0358-4151-5ca7-aec3-8747a58e8a93", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5f6c045-17f6-5824-9865-24f3e7f3e52c", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ade8ae6-8ed9-5d7d-bdfa-8394f2090c73", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98aac22e-357e-5ad5-8af6-e9f0d8495cd3", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:998df948-8a79-5627-9a3f-177aa1d0128b", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27877486-2ef6-5b0e-b353-45137e7e6a9a", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:180267cc-4290-5a7a-8d93-e70cd4966651", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2d76def-cd30-5f91-8e18-bf607cb93852", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b573238-4f3d-587f-9165-f26a1c58c5f4", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62d48820-7449-596c-9062-67ec4abde8c6", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba8ea146-49b5-5b2a-ad56-61488ca88b2b", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c6bdf89-33cf-58fe-9ae6-f082e38c9419", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b48a9cc-9f58-5ef1-bc51-529a2b711dda", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f24585d-90d1-503e-8d38-c26e6b7ad080", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7f34f35-0aae-5606-acd7-80d13ec95ebc", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41123604-72ea-5851-9a63-42fbd8ba47ad", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c302327b-56b6-5893-9ce7-9047762a1555", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:767c0062-3351-5d90-83d1-5149faa8cf79", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63f6a397-c1a1-5ded-b7a2-c3583134076c", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd988b1d-6c32-5903-b61e-09d60b117bc8", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eef493ab-fac5-552f-b950-97eea680ec95", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89ef3e03-c341-5391-99ca-cbcf848d94b0", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae46981f-be3f-5600-9f69-e9de77ee7cda", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b44e09a3-233b-5adc-bd6b-5974bdb20c7e", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:925e81bd-e12a-5274-90a9-6a58f795da8d", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc30c3ab-478a-5f65-acf8-4504ff893d87", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a233f90-2d2f-56af-9377-5019d699e6eb", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5008396a-b7aa-5c48-b706-ffe35c6ddd8c", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd18fe8d-c9de-5086-948a-157bb56da393", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21bc1917-3e48-510c-8866-1076607535c7", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7326803b-f57d-50d4-a77b-270527c9e60b", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f8af33e-3c26-5ab5-a451-23b9b37d87b3", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1d02ea6-524f-587c-b21f-c9d441ba5ee5", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.46-tuxcare.1" } ] }