{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d5ba81e4-440e-5c67-80aa-2556857d6333", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper", "version": "9.0.75-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:42f994b9-4600-5be2-ae9b-6455b62f18ba", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:203b6c22-f366-5244-87fa-cbf5a96957a3", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b45274f1-577b-5ad1-8baa-e8d7248d5e0b", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47df57e3-e5dc-5b33-a2ca-3996234399ca", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d20e2014-fcda-5c23-a119-7e106594f4e3", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:103d648f-9083-5657-9c75-864cbf01226a", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d63116ea-d23d-53e6-a834-318b77544fe1", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c436e7f-3d2b-5b5e-aebf-368e48b92eb8", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:726922b8-01b8-5c24-9c3b-bf8928ccb563", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e16c7c8-f1e5-5015-b06b-3cea3f1897fb", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7771a2e2-bb19-55b2-b173-a524c5c7754c", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:606ca98a-7a40-5095-8449-66338c6cdabf", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6e355d7-d7f8-5187-96f3-74f0bf3fde26", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61bf24ca-6c4a-5841-8b86-071f44ced34a", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b541ffdc-3408-5b1a-85de-43227fea58c6", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bac4fc69-3e5c-5eac-8e2c-11e53c88cfac", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c1fc501-a473-5c16-8ffc-408c1faa304b", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:448dd6c0-1170-568e-8860-571f33747a23", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:feac1b86-45c3-5251-9c71-a97ac1d3b783", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c14320a4-ca38-5aaf-80b3-941e94482a16", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:385e4254-36eb-5a23-b41d-eddd4d38aca8", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ab2ced5-9239-5e6a-8128-074219135a9d", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e007818b-d5c0-5645-a7d5-7aeaab9020a1", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94317de0-d1f8-5cf9-bf64-62e2726756e1", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:659d439b-1f3a-55dc-8642-cf7e16d6b3c3", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba3a054e-cd2d-5a19-bf1b-cee0f6731a88", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6bcf547-e178-58d5-b494-e10fe8418cbf", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a81e7e1c-42e1-56e5-b516-8f4617c68857", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80e4d622-4cee-5a12-ab14-ecbb99e2857c", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70ba3b22-b337-5692-ab7a-4b7c42836cea", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11232107-cfe1-597c-895f-28add49a0850", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95b0063e-4ee3-54a6-b86d-dd816d855f80", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f9a33ef-85ee-586f-b264-04c7953ee4c5", "id": "CVE-2025-53506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-53506 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55642c84-62ce-5886-b5bb-9c6c79db3f83", "id": "CVE-2025-55668", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55668 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a628f34-1196-5cc0-9365-5cec973992f5", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1ffea49-6986-5937-9b9c-77a68379f163", "id": "CVE-2025-55754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55754 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24d5bd06-2fab-5b74-bb2f-ec6adf8152cc", "id": "CVE-2025-61795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-61795 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4cb1783b-6f82-51e5-a42a-fdc6e5c65ba0", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ebff849-70a8-5bd6-a118-1cbf29202026", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a49d0dd-ddb8-563a-95c8-3d9b897152bc", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0527280f-1263-54ed-ac2d-43888ead2ec6", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a0ef80f-dec1-5b57-ba04-a01d31ec835f", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a025d836-ca82-5bd3-8755-6c65093b4cd7", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76eddfc7-8576-54dc-9df9-1477bf159cea", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fd6a8e6-d74d-5e95-a1fc-7c85b25cad08", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.1" } ] }