{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3991a668-46d3-553b-bc4c-1b68a60bb571", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper", "version": "9.0.50-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1e62cd1e-d1c5-5c27-bcac-26ead937dc68", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e60b083-949b-5c29-9bc2-e2926b9dd9e9", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40b53f15-d637-5363-9f51-1ad4d82264d8", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b09f01e6-c7af-5a01-a4d2-9d81a6c1a98a", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5839bb3b-8bfa-5b17-91c1-6894c0c93547", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14785c37-9f41-59cc-af24-5819805b914c", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74b30b7b-b64c-5f85-8068-f84b7c884ef2", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e6c6e95-6bd1-59a5-9578-ffda8e161652", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60291580-262a-574c-9978-5199fd03f919", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6cbed1e2-27d0-56d2-8e22-a3fc62c374db", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab2e28c7-b3ac-5a26-8bbf-59d54b086e6b", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e06f1dbb-fef5-54f5-917b-c8cbcb541933", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45d73c3d-95ca-524f-9c3c-abb67d2ccea1", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9b76bc7-5f5c-5f4b-9127-8c2f9805d237", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bff40a2f-1b6f-59d7-8793-45fd0bcc5bb8", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09eb283c-a8d9-5b13-ad30-3ced67a21170", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95eb9ad4-0f5f-5534-8140-143e572a008c", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fc15c9d-708f-5071-b4f3-20ac3b11a95d", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59975180-22cb-5912-b4f7-fc467d6d5b5d", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd1a9301-2b32-5cb7-808b-3976acdedd17", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66ea8adc-ec6b-59c0-a75c-57d8334294c9", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4416883e-d6d8-5f78-9cdc-d93cce075718", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01cbd317-c960-5891-845a-3176f1ffd6ff", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c9fe74b-1e47-5bac-8ccb-fa2951860096", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3f8561c-60a2-50a4-bad3-5f4d95972f90", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f29e6ed6-af01-591d-9119-02f4ef00a7fa", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8f7488e-6b47-5890-89df-a4cb06ea392d", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:942953bf-13c6-538c-a316-644ca5ef1956", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de18ede8-0c55-5b60-96a3-b7fed2e4e0ba", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cdaaf3e1-07d1-5206-8b03-98e411635352", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5787ee23-bbd9-59e2-809b-0db673b2726c", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88ecc443-ab2e-52e3-8d5b-b4301823595e", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19037b23-ecd9-5eb9-8859-97467bc5a30f", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45b2209e-f3ac-5a7b-8436-2f3087597eed", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a8e7088-d92c-54aa-b603-5bcf53ea74fb", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:219d65cb-66a1-5e81-bfbc-4d852fbe8de7", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47b06cd9-f393-51b0-a750-7114c059533f", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe3be6aa-4729-5baf-a856-58d524ba4796", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eeb92363-e354-5601-ac6e-451eb8697245", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5af3dec7-a0ce-5b90-a93a-ce6fd339865d", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a82eb40b-96ec-5246-b953-e009ae6b6418", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6c58ce4-f50d-519c-b5a1-b0802c3f1854", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5199ea39-0847-5cb3-a74b-5a212bee67c6", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1fe563c3-0e93-55b8-9d08-e0681169e67f", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b2e6943-8eb0-50c6-91e4-5e038bb1d881", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36736312-2f3e-5415-9020-00435ab5ce50", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21c65fed-005c-50ca-8f0d-1a598545d261", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:532bba27-5781-58f2-ac9c-66dda6c18d91", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97819c1f-24d8-5c26-be87-41c5292b97ba", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3282eeda-d386-587a-ba67-fa939ce633f3", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.2" } ] }