{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c7c9e69d-28be-5e04-9a3c-e62052d920f1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper", "version": "9.0.50-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b20d6d34-331f-5d2f-850f-c984803101e8", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:74f0beba-c6c5-5730-aca0-a91f00316fe3", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:110859bc-e693-5ffa-8e6b-0e36e1a3bb56", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:703549e5-4b29-5f53-88e2-b9076bf92f6c", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:68cf8c3f-18c9-53ad-9ca6-153daa062103", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f6a6a1bd-56dc-54d8-b626-52e1295dbdb0", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0ae03c51-a4d1-50e8-b638-0d4791063ef8", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0587439d-d77b-5ba2-963e-719124ab8c1c", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0c157949-6934-5818-bfdb-166f936d4050", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:61e5b352-444e-5029-b939-4d4723bf01be", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dd616ce5-947c-5084-8bec-30de18c935f8", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5838cc23-9a5a-52d0-bf40-e03b2944c5b0", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e9b5abe6-a526-57a5-82b1-ea2b261422d0", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8d1b2656-58a8-5452-815d-1d629f9d2524", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ca345075-4781-543e-8a34-80f78b9eb708", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1882739d-746f-5bb8-bd2c-9143e403c3e8", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a475a73c-2a18-5146-a821-1f2b7f74bd47", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:499d5cf6-7101-5949-a57b-ad74af7ff9f9", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3f1fd284-aeb8-5c2f-b795-41efdec71da2", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:59215fd7-02df-59ca-9745-2c5bdb563289", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3e5554a2-8b89-5117-80ae-b2d106cd8286", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d8d47483-d036-573f-91f9-e295fd7abd23", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e87947d9-db12-52f9-b001-a822fe840420", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:218f8c63-f78a-5047-bf68-80c1ed36c78e", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:94d1448d-4bf4-5106-86a2-2a87a37f09df", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6479c9e3-31b1-553c-9f91-7a236fd361dd", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e326f998-f3cb-5984-bfdd-58727e210a97", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:da296883-7c6b-5d6a-9e7f-13d3d2f3bb53", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dce6709f-fd08-59fa-b3b4-f88979d91514", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:74606e69-fcd6-5f20-80f9-d0cc2556f4d0", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:63022599-abd5-503b-85af-9a0bfdc11f3f", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8bef98f3-1566-5227-9fd3-4c68ecb8670e", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:73b93721-9b52-523b-a0c2-f8911dc62a75", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d153c7cf-242c-54d4-9a64-13d26778cfd4", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d525659b-e924-5afd-97dc-4aad9b59c851", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e8769784-c330-5d8b-b57f-b6ea61cda6bb", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f7610f14-e6bf-55cd-bd69-04993bfa0796", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3a7d04c0-4af4-5521-b151-161773c67b54", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3dd129b7-c338-5c74-8cd5-8ea35bb18f9e", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a3345320-3582-55d0-b59d-d293229b3e4e", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8239d896-980e-5051-b752-334ac83e2008", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b7871e54-6ac5-57bc-b7f9-b0f6322876f8", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:71327793-f4c1-57d7-9282-506147894af6", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:06ded0fc-b8ca-5d3f-ab22-c75c50a5b863", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:71b80b12-ddc9-53b8-b721-df1d5da08ea5", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2a855783-fedc-58a7-8716-a8cd0af645b0", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ff677cab-d5f6-5268-99c5-1c35d2009b2b", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:71b501eb-ccdc-55e9-8d20-5ad0012f2be8", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dd665b25-3d34-5a3c-9f90-6aae838d2f63", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2bd21156-c7f3-5723-9889-4fcf72c6722b", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.5" } ] }