{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d1649ee8-85d0-5c47-88a2-0c72190339b5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jsp-api", "version": "9.0.50-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fe08460f-66e6-56e9-9782-44cb152c6ce6", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4bf237df-6141-5fa6-8eaf-83f3bd4861d6", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f6c1e58-fb7f-565f-bb6f-7c2f720f60c4", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e97f6b4b-f2f3-55f0-a7e0-05b3122a8042", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:301ff1c2-641b-5c0b-941b-0ebba78c4310", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ae100a1-38be-5ebe-84e8-cf051d66bb99", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e638ee1-3a56-5eb1-9aac-808a3a4571ce", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:489a38a3-2745-54ee-82f7-057509294e7f", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea4e3ae9-eee9-53e5-80a6-849674da090c", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:57ad3028-0d8e-5536-90c7-594801435cd8", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce58269f-c8ab-5b29-9ad1-15844dbf6b76", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8634edd2-4281-57cb-b45a-9d4b343e8275", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:819eeb6f-9669-53d2-abe6-93083cf2324d", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac5cd8ff-56b6-55c9-b5d9-1eab3c741734", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a193e0b-462b-5846-9a38-3182a803a5de", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf661693-3237-5dbe-b9bc-4c70273bdbc5", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7a35fc6b-f643-5d32-9422-0b911c0b5249", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9ebefe52-0dfa-53be-b456-ade3a300db56", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a7ff6bd4-33f9-5ed4-9ac1-27f69a900c43", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a019147a-f1f2-53f0-81ab-cff65fe0a0d3", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0f98ba0-d657-5366-a120-7143d18c8f8d", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e181af7c-003a-5377-9218-3b9a64d862c5", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5cf4e0c7-0d86-5422-8a9e-244fcd8d1c61", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2635bda8-34cb-5b77-9d32-49697ca61d56", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f5c5d2f0-9ec4-5c46-898d-ae977ab9b958", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e6f608f5-a439-533c-b5ba-294ae74c8d5f", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff4b45e4-3634-5c0c-a695-2e98b309bd29", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2c86cbe-3103-5625-9db6-24c0c9b3740e", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9ace9837-455d-5335-834d-e6f871ea4768", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2be3366-e77f-5a12-a73e-43f2d4faf243", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db05f095-5df5-5077-8241-a30c6c400413", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:44dee980-c2c3-513f-9a83-cc289ceba297", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04b74dba-d759-52fc-9ce3-111dbead9c31", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a73c9f80-31ca-5d7e-b990-fa603a23603e", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02d98db8-a74e-549e-bc43-bcbb119c71fe", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8655a116-97b0-504c-808b-1b5b91f68606", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9948bc1d-dc24-53f2-b914-35176ce81136", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9770aa86-30a8-5980-b518-2e7681147300", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b23c8476-43a5-5138-8ae2-6377b17a56c4", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:236660c9-87cc-5d21-9e38-0dcd461c39d2", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52ebef0d-6de2-50a2-8362-51f9e8214822", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:521705e7-8f99-5d40-a511-1634204c961c", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:14bbcca4-b88b-5d07-b20f-f4e0235a5ff6", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4da2f322-d11f-5f24-8485-a57ae3febdd4", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:daa8814e-a114-55e9-8b17-986a3d7ac48e", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c562eaa9-2e88-5a1d-a850-2ff32e2910b4", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2fdd759a-620b-5341-b458-2bb4c0327e7b", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e651304f-8fa6-51cf-9b7b-2e3d03ac20c1", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b6b24b0d-9fd1-56d2-846e-ff12b98100fe", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:836a6cc8-7cc9-5bc6-846e-5fbce9d971af", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.3" } ] }