{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:137cee51-a0f8-570f-962f-9d1c0e546305", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jsp-api", "version": "9.0.87-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2edc2138-d190-5da4-86bc-fc0073320aa6", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81599df9-3522-53df-9779-edd3e388e541", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81bd222b-6885-5e09-ad7e-7cfbab88720d", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a44a4937-9379-5358-9bfd-9f1bb121bcae", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb4c3fe0-1510-51d3-9f96-81045476fb0b", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0f7f7f45-1ef1-53f1-bee0-3d3e67697d4d", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38f8f0b5-d795-5018-bb5b-5ff089bbec6b", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e9ac876-0be2-5a90-bb9d-c23ef5b5d5d9", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f11c60fa-4860-50be-84ad-83b9565e60aa", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:83b6d1d0-e6b9-5f92-8894-340317a3d057", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:79762114-1dcc-5154-8b25-8b0a83a24040", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:47c71eaf-8013-5891-bdc0-876c69ff94e6", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff9e8195-8fea-5b40-8b3d-0c151ea857af", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7384b33-a3fb-5335-9dba-610a95d1b400", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a18b22e8-27d6-53d2-816d-7e9a32f7cf90", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16a2aa73-d628-5e71-b7f6-92dacf63364f", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4151c9df-560a-5012-bf15-71d6dfd78113", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a594e63c-294b-5891-9fe3-4305dedaf571", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:03692668-d799-5f34-8c9d-635f68b6e4e8", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0c2a014-fc52-59f9-af22-99a5b0c733b9", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7788b43f-630c-5f03-9c01-0e5379680b37", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7914cd7a-0271-5b1c-9306-1af33f47b6b0", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:614a9e0e-a296-5020-a104-ec4d2d207de3", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:08357e21-d229-59ba-a253-6847e6f3c112", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b30658b-4827-5c0d-b6ac-cae5985699d8", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:973a8460-a45c-5eb0-971f-d423e0b7266b", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2994744-a00c-5dd0-bc00-e74dd49aa172", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ddee6756-ebf4-5e1d-9b8c-01b186db5fd1", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0336edf-e5be-53f9-bf06-24fe9cd24b60", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d13684f4-9e9e-52f3-abdd-1d8eaa75d3f3", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:957be37c-d5f0-5d0e-806e-41c9f6c900c7", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23dceefd-a627-5769-bf86-ce247e7e5940", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02feb5f5-4ca2-52dd-a12c-a7079c42c7a4", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e1d6253a-bcd2-59ab-afb4-3727c0ca445a", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b5bc07f-3831-517a-84a1-a36e5e136bf9", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ad2df0f-511a-5c3b-800b-ee67d8842fb9", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4cc063b8-d1a2-5933-bde9-e7f13d0f2be3", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a759bcc7-2d36-517f-b1e3-26434052f632", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:de3169e0-5bee-5ab7-b859-fb52851edef2", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e375deee-5d19-5161-8252-fb2c20d86560", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36da8242-15e9-52b1-8f9f-4d7fbdd357b1", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.3" } ] }