{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6a226002-de0c-549e-8339-948555e6e358", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jsp-api", "version": "9.0.50-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9044f603-1a59-5686-9963-4ce0e6178f2f", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:44a34f64-24e6-58de-924d-a1c6210ec5e5", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6b37c769-181c-5a5b-8eb8-0c4cd33cfcd4", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:418e8cdb-b595-5f79-b369-5e5157934e4d", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:47c9e47d-d96e-5902-b26a-759a369e6717", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6c73da27-ebcd-5f61-baaf-17e84c4f159f", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d4c458c3-4d88-53d0-8552-66f781991837", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1afd646a-c1ca-5c10-9c40-1001d8f3419d", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:94a07542-f7b2-536c-95e4-ef29fe3777d2", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cd1e2c96-ae76-564d-a732-4fdc15ecab10", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:36a72560-b3dd-5cad-81b0-b16d4c42b347", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:41f739b3-f784-5e27-acae-2afa56e7b41c", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:283e842d-c83b-5774-8798-0a42bfae4d12", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:616f3a52-d086-5239-8a2c-bf9e9392ce43", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:286d1690-c2ac-5bbc-8bf7-637bd62ea8da", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff3dd536-7627-52cc-b3d6-835eee13db3f", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0311895a-b79a-55dd-b0a2-3119784da8be", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef362f7c-d40d-5a47-9cca-30e9e73c45bc", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2aaf942a-b0c3-5345-878b-bfb9080323a9", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:51384dee-5b14-5baf-be3a-451e98e4ded2", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07de8875-8227-5a11-a278-7822b287e3e4", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:632190d5-f9ba-533b-9df3-d5045745614e", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91d996ec-d775-5636-8ac4-c252132f6be1", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d7ccdde-36e4-5c08-a3d4-0fd1b8c0bad5", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:62e6bef9-5d6e-5e94-8dc1-61247ea8c204", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:60ef09bf-6304-5cd1-8cf7-c10fe7a6bd94", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:550be52a-e52f-5b87-96e6-3c133bea6e7f", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8894b95e-84db-5d42-8450-fe2c1a9b8291", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:efc7c018-73ba-5489-92b5-8286b0ed0b83", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0630283-a0f6-5481-8ad2-58797d0f43e9", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0080170-b213-5667-b408-e04894364969", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1613c2c5-4474-565b-97b8-1ceffaa8bdc0", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b9b21e2-8c7e-5f80-bdcf-a0b92814a81a", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fedb4533-7d27-5ea3-a518-beecfb905601", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:839edc91-6aba-51e3-a0d7-d12a1fb76cdc", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d3443a09-5f9d-5294-b7e0-5c892ec217e9", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d999f441-bb03-5c78-b6c0-7b65d26bdaaf", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3f10d20e-cbb2-57fe-a83d-a90e80b7a931", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef844d7d-db7c-58d5-8344-ea1debd8ebc0", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:efe8ea1c-e9dd-55d7-970f-25abb6ac42fe", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f511614-0533-5dea-9646-2e97ada44d76", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f960eaf6-87b8-5b30-85f9-0a29538968ea", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1e2a58f3-de7d-56ed-a2e5-5e9bf7e72235", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f42f2549-e3fb-5290-9df4-95d88abbdaba", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2dfcdcd8-f148-5742-92b2-bcd9ba8309e9", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5285b911-cefb-5cf6-8938-bf061eaebc18", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:56eb24e2-2bc9-5be2-80ce-a7b7f88b2330", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1abff2c2-53f1-5362-a025-cf4b7e4c411b", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da346269-ab42-5c65-ab69-5730d3f6e5b7", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e1f77d26-f942-5c25-83ea-e613b63227fe", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.50-tuxcare.4" } ] }