{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7b1c2eb6-f8a4-5a1e-a8ca-beb57d41c30b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper", "version": "9.0.50-tuxcare.8", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:06af472f-af4b-5dae-bc31-364ac30a4d3c", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:18e69fed-ec15-51ac-a3a3-b3381c67070f", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e90c2cf8-6170-5972-bb56-c3e8ddebcbe7", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e01e7256-886e-511d-bb17-88c9b75291cf", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:38208223-c994-5119-a80b-a0596ce5ec33", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:2bc64f98-fc5d-5e62-a770-d7291b3f4fe5", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:16e7772b-f479-564c-943e-05dae408866c", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:53f27367-f8f3-5b22-baa2-848e332abeee", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:015d0b4f-e4aa-5436-bee9-cd5ba96df8fb", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:526f3cd2-89e3-5f96-9ecc-b3add207d83c", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:444f5234-b047-51a1-8d10-a886bc05b736", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:346f8c3a-7f2a-5334-bc22-8a2019d3f349", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:74f2bdeb-3026-5a16-8c52-66e5d12d707d", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:2c84808a-8bac-5aab-a534-f5110685bcba", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a34138ca-b1f3-5320-b34b-c29fbca051f2", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:eaee349a-b364-5064-af2c-0ad5402115f3", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c4ecfc47-7a7e-5ad5-8e8f-9d931e0c20f6", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c574c9e7-f3aa-5694-acff-5161358787f4", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:60e29b1a-9281-524d-a9b4-c0ecbc81efe7", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:3912a762-aa2f-5851-8ce5-f87549335c67", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:ea7fd8f1-0da1-5801-b702-8544e156f0b8", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a457c31c-5363-565a-8436-55ac0255567d", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e72f8064-720c-52f1-8029-14ece3adf581", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:8b08a0d1-1454-5b72-a281-e9ea9b6a6175", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e7d35a76-95e8-5708-a6c4-94edf23a504e", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0bd90ec8-a75f-5e11-a122-51d2ba8b37fe", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f4cf54f1-24a6-558b-8960-eeb095ccf493", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:37216261-519c-5bad-bb43-7962fe02ebf6", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:beb0ecfe-e665-51cb-8b08-a3ab86703992", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6fb7ae6f-4b58-583e-9a24-70cc2670fb0a", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6b218b5b-fc83-52fe-b0cf-c7be4fa83522", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:64af0769-7b89-5baf-9768-a1c547b4a5f4", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:712f934a-a553-522c-93ff-5482f2499d49", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:2f3ff7a4-ec77-57ec-a0f5-c77f0526c42f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:41238439-3f30-5aaf-a7ca-881568801f50", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6e14a4a6-17db-578a-aebb-e1c2e72ca2ca", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:faa9b8df-f081-5781-9031-9f977eb5c40f", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:62a2a053-4972-57b6-aa58-b34fa176bb88", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a7312087-eee8-5d25-9cbd-08c6515f7149", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:1d3bbc94-6eb8-5e6b-ada8-f9f088624c63", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:8ab8bd1f-1d4f-5033-87f6-8f5de73a42fd", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0e5e0acf-eb39-507a-9eb3-17bd2bd70fb4", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:ab8cd709-fbf6-5c00-9fad-357ffaface47", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c95ed0b3-bc3b-54f2-aa90-377a674f3569", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:2a836b10-de34-54d5-a71b-b154c111e622", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6c201f31-722f-57a8-8b8b-35cfbb28fd60", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:d732b698-20f2-5888-b496-80e375492b00", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:1bb25aae-0441-5867-9f02-1c1724d1e6d8", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:762d5d31-6281-5be9-ad2f-842bf210490f", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a98f3eb3-1f7e-586c-8176-0b5289e846ab", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.50-tuxcare.8" } ] }