{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2306bf0f-82ae-5102-ad62-789061fcaca4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jsp-api", "version": "9.0.75-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1b7cb3be-ad73-5059-a5cb-616f0a4f73a5", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bbedec7f-7003-5f13-814e-19c8f3a13fc0", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2eee07f-19e6-53a0-82b0-0e8d9d805aea", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3acc6f94-09f5-5d01-ad40-bca65508b5c8", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:374cf62d-d4d5-5623-b626-919451fb1dab", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c7c2c82-2256-5cfe-a903-382053a6c9a2", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:264b6782-5df8-5726-8152-e28d960d0348", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c50cd89a-ebd4-5407-903c-9971278b780c", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f04aea66-a4e9-5bc4-8756-993bf35f70d1", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2a89e867-0085-5375-97e1-85b64832ad05", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2246cb69-18e3-5809-a32b-196dbd3f4893", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:225f20bb-1305-56ff-9e74-f3edfa967250", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fd3d112c-dcac-5875-b985-3187593ec1fc", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:15498775-1dc4-539b-b897-b46ab547ae15", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8c88f970-d56d-5d56-a44c-39e8b66d4535", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:12750dfc-e9b2-5c08-9262-36d54fb0b3dc", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b1a2b68-fbee-5074-93a3-ced4db633ecd", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6408e4aa-de53-5774-bc82-4fbaefc7c90a", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:065720c1-5f80-5120-8c28-e5ba538d7ccc", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:65892183-b871-53e4-9cab-88525f4850e9", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:240c5d1f-aae7-52b0-9ed0-6b97480c9209", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aaf9a358-b7f7-5290-9f19-41e7ad5083ed", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6959fd6d-dcba-5f7c-900b-3f5bb3b8e9e9", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7b0fea1-f623-5e87-a816-1f5d21511dda", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:acc3b9a9-4b3d-5619-8be1-c9f23db51654", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1f9bb9b6-be75-5965-8fd7-6a320ba41946", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b49fb019-1d06-53ec-adcb-6167c46d5a52", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a27bef1-66c2-5720-b9cf-b6a57a827e39", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c2cd998e-8a9e-5411-a95c-52ef85afa359", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ec8c030-e91c-57d3-8b14-409b9333a221", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a49db651-8cfe-578c-8928-6a7aaf33d024", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:146b7f6a-3aa5-53dc-a32f-c170d72149db", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:181b01b8-421e-588a-8213-fead3835038a", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e80869a8-1155-52bc-99e5-a5a74056c0b7", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a2c7dccc-b552-5da7-87ff-8a2681bb84f8", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:13cacd2b-0a27-58f9-8cc6-38317ee42ace", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5bbf20fc-3593-52ef-8240-df5a3fc889bf", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c253bd6f-13c1-549e-9412-c819e2ecc7c5", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18c35e42-5ff0-5e87-bd38-d6eb5a21dfeb", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3347206b-f566-5c10-9ef4-467f753e4674", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:76df7537-ad04-5ecd-8c66-90b64d3f5400", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b83cb0f4-c0c3-50c9-a457-b03bbdc95b53", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac2544c5-f7d2-5a72-a8fe-bb497e408552", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a835f37-a0ad-5b18-ab97-37b9b7912c77", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d373de59-0bf4-5ef5-8314-6c67e64d2fc3", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.75-tuxcare.3" } ] }