{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:814ae09e-4f54-546a-8468-14ca9602f6bf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper", "version": "9.0.75-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2a436599-b237-5b47-acca-4e687cc679dc", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3312f241-119a-5296-a485-0ff7a0f7f093", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51852cbf-ba48-5373-b48e-f34102006320", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:828b7529-3b26-5805-97ac-dd93d7b9b2df", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d3f26fd-cbaf-5c34-aae6-e5bce88fa015", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b1d6908-2f4e-5440-9b46-90248dedbe41", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4b9e328-8899-5683-82a1-3097ae69cf03", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ceb9d2d7-07f5-516d-8b1d-02d76842d9b1", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:86e638d8-5b4b-5e34-bf60-ffbf4df749e8", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e3dc5a3-b374-524f-ad79-50e8e78fd878", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b16ea7b-720a-5790-b9b4-8f06a35dd1d1", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28586cb4-f78a-55b6-a8d6-d7e88287f7c0", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8db78edb-5c4a-5ed4-95c8-b2798873ed16", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6b58837-fa50-5109-a5a6-e576f5f3d42f", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:136359e3-0125-56fa-bd1a-79df95180ff7", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab9a3652-b192-54ae-9a82-deeb75cae5b5", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0b6a41f-1c57-5695-8ad0-acb0fcfaac55", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:501b02c5-26f7-50d3-8b95-4b5fe08c711e", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96073adf-da5a-50d5-bc66-8d85200e7b78", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e5afcf3-de48-5fcc-bfc8-a02c9cd4284c", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1fcb351a-180b-5f4d-bc88-95da73829631", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:615490d3-be6e-524d-8f35-25e6f74fa229", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d74f19f-c613-5999-ba58-002e8ca91d18", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39241f34-dd4d-5fa1-b25c-188cdb9a1df5", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9f96791-4e8d-5911-a019-35334df89844", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7197559c-9549-5011-8773-b701ede1e96b", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8ce55e1-b08e-5118-bbc9-641b4492bef2", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c884b5c8-746e-5f4a-abbe-ae3df862bf2d", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17f0f90c-353b-56f0-a6f6-2bac9107c10d", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c536b2c6-9987-5ffe-8d1c-ffb46f754f1d", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d718e346-9ec7-5363-9aa2-9c4528c9ab8f", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7bdf1d2-9855-5b97-95e8-08e94bb903dc", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4ed49fb-173e-5734-b6e2-2cb8c7f2d3e8", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c309833-11b9-5576-85eb-52a6a22d3d83", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:592c0ac1-5714-5b35-a301-36b40dba8b6b", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6dcdd00-055e-568b-8712-ea224f89c551", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3955eb50-70d6-524e-b6d9-7eebaa7f965a", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe5a8e14-e9bc-54ab-a8d9-3d57df63fc21", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c09e7918-9cde-5ef0-bdf3-2d98f2e447af", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d9bba13-b18e-54a9-ba70-ad7b585f7a27", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4e4a96e-8ea9-519f-8c87-1686df1bcaf5", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92e452ed-23f4-58b2-a6f8-82d93e8e6f24", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85f7bdaf-58b0-55a8-ba44-4c0e1222c15a", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5e3c1de-e8ce-5b36-8fda-478d36d7cbdc", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9e4f5bc-f497-50a6-9b4e-f4851f939c1d", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-jasper." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper@9.0.75-tuxcare.2" } ] }