{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cb451f42-001e-576c-b70d-f05b0e7bf49a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jsp-api", "version": "9.0.87-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0562ec77-a920-5c82-b9c7-cf11002f9c83", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:59221ad8-e1b0-5ac4-8b17-1c7173514b38", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d599d86e-f24e-55f3-aeca-2ea79c5e33b4", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32c1cdf8-2f35-5b6e-87de-f54db55e17c6", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3a1705d-7c87-5881-8d6e-afb183179805", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e7e66c31-6e9b-5f89-b7e9-3abefac75bcf", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e27a78e1-2d68-5506-8dc0-b45abfc07fcf", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f28a0df9-328c-5064-977c-feb65e20fc7c", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b274ec4-ba8f-534a-a8fe-5dd22863f7ae", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c0be3788-a0b1-54f1-bcf3-353ed7c177c3", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a4d3d70-a301-5ecb-8492-32156b196c75", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dfe214d6-a992-554e-b056-a85e73660d3a", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6daa43a3-609c-5b45-9dbc-99d6e7a1cc4f", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c7f511be-2348-5282-b78d-d6fc3c782f0c", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8437ba57-a252-50e6-9df8-5c6c9d1860c0", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:46a0f6b9-1d91-55e8-bce1-e14772fd0f31", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c453077-df4a-570e-9f74-1dbcee2c4c78", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3f5f3f4c-903c-54c7-8b23-73b7f9eec888", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b2e32f77-0d66-5a30-8e96-e5842a588303", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d3e97d0d-119a-5521-8b59-655394f74c85", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:798e1ac5-abe7-5482-a46d-e6f3b458dd76", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f98d8ca4-da5b-597c-b997-2aca4d851c3f", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6edaad35-1565-5c1b-bf59-b299a19c6217", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2dcdde38-df89-50d6-966f-d311d5c54fb9", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4c9a19f9-ba74-5380-802e-c0312a6855c2", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1648a98f-d8ad-5fab-ba2c-16ab37f7eab7", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd488ae7-0123-5e79-b4cc-1b87dd4647ed", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b477468e-47af-56a4-9f25-4d69d1b90f59", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:10f2bd45-8e1c-5bc7-9030-3ea52d462404", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1cd80401-508f-541d-bc39-f322f7656ff4", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e04acc92-4324-591b-949f-42d49bd78177", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3c1d8c20-984f-5d2a-aaa2-1412acbee3ca", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0330eeb7-5139-5d4c-9918-460d818fca58", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9a25ecb1-2cb9-58c1-ac79-2b789382d87d", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3924f4ff-4ae1-5f7b-b0ce-a3609c73cef6", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:58efa6ba-c25c-5e9c-9066-8e2745da81c6", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75a5d34e-c1b1-5788-8fdd-27593579a030", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3367614e-18ae-5be2-873e-c046a40b645c", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1d36840a-69f1-5ef6-aab6-f0ccd09eb1c8", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4e21f26d-21e5-5f4c-8a73-ba6cd3781e79", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:59838a6e-6688-5bd6-ab0e-f05697d13530", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-jsp-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jsp-api@9.0.87-tuxcare.4" } ] }