{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3dc7a329-a1ba-5907-bf6d-807114ed50d8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jasper-el", "version": "8.5.100-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:45c29932-35ef-5990-950c-35aa107e8644", "id": "CVE-2016-0762", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2016-0762 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. PP vuln-detector: target version is NOT vulnerable to this CVE (AIMAGIC-1135 triage; audited)." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c2f7d5a1-b4ee-5c5e-b2f6-4e347371f5b0", "id": "CVE-2016-0763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0763 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6fcd0dd5-780c-5d91-bbf7-e0823798df42", "id": "CVE-2016-5018", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5018 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7a3defcb-523c-538c-bb44-82ae72f6c02a", "id": "CVE-2016-6794", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6794 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0e6e1cc6-42f5-5784-8773-f9c80b8a9afd", "id": "CVE-2016-6796", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2016-6796 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. PP vuln-detector: target version is NOT vulnerable to this CVE (AIMAGIC-1135 triage; audited)." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f388319f-d871-50d8-89db-84872a4b52f6", "id": "CVE-2016-6797", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2016-6797 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. PP vuln-detector: target version is NOT vulnerable to this CVE (AIMAGIC-1135 triage; audited)." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:da228377-1732-585e-b031-04036a525b1f", "id": "CVE-2016-6816", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2016-6816 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. Version 8.5.100 is not vulnerable. Summary: The target repository (Tomcat 8.5.100-tuxcare.10) contains the HTTP request line parsing feature described in CVE-2016-6816, but the vendor's fix has been applied. The fix was released in Tomcat 8.5.7, and the target version is much newer." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:514c7f2a-c11d-5670-b1b6-fd0e9e350946", "id": "CVE-2016-6817", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2016-6817 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. PP vuln-detector: target version is NOT vulnerable to this CVE (AIMAGIC-1135 triage; audited)." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f9d0154a-c0d7-5503-bff4-92752ea6a11a", "id": "CVE-2016-8745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8745 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f831f65c-a085-5d69-860d-1090187c98fd", "id": "CVE-2016-8747", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2016-8747 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. PP vuln-detector: target version is NOT vulnerable to this CVE (AIMAGIC-1135 triage; audited)." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e615dfbd-c528-5bfe-9175-b385d1324248", "id": "CVE-2017-12617", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2017-12617 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. PP vuln-detector: target version is NOT vulnerable to this CVE (AIMAGIC-1135 triage; audited)." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:09824b7b-300b-5d10-b42c-956e500714b2", "id": "CVE-2017-5647", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5647 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9fe2ac3c-0301-52e7-a181-efd8b8338756", "id": "CVE-2017-5648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5648 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:06e4ba70-db10-575f-90d8-a5f50fda5009", "id": "CVE-2017-5650", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2017-5650 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. PP vuln-detector: target version is NOT vulnerable to this CVE (AIMAGIC-1135 triage; audited)." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:253a6639-c91e-581c-a216-a298330953b4", "id": "CVE-2017-5651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5651 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e05f0873-f452-53be-9027-f050d05b1e7d", "id": "CVE-2017-5664", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2017-5664 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. PP vuln-detector: target version is NOT vulnerable to this CVE (AIMAGIC-1135 triage; audited)." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f61477af-4d79-51e0-962e-d91555a88066", "id": "CVE-2017-7674", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2017-7674 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. PP vuln-detector: target version is NOT vulnerable to this CVE (AIMAGIC-1135 triage; audited)." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6178e0ed-07d8-5e6a-86c0-a8d92a56f663", "id": "CVE-2017-7675", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2017-7675 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. PP vuln-detector: target version is NOT vulnerable to this CVE (AIMAGIC-1135 triage; audited)." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:85169093-592e-5332-9a0e-4c510f6357ab", "id": "CVE-2018-1304", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2018-1304 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. PP vuln-detector: target version is NOT vulnerable to this CVE (AIMAGIC-1135 triage; audited)." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f31573ed-f5d2-5050-a610-b4efff05c794", "id": "CVE-2018-1305", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2018-1305 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. Version 8.5.100 is not vulnerable. Summary: CVE-2018-1305 is NOT present in the target repository. The vulnerable code pattern (lazy ServletSecurity annotation scanning) has been replaced with the fix (ServletSecurity annotations processed at web application startup). Target version 8.5.100 is newer than the affected range (8.5.0 to 8.5.27) and contains the fix applied in version 8.5.28." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e789d941-9d05-50d7-9c76-47a87d87205c", "id": "CVE-2018-1336", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2018-1336 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. Fix already present in target (patches already applied) (AIMAGIC-1135 triage; audited)." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6939869f-be7a-5e5d-89e6-c6938afa9cf2", "id": "CVE-2018-8014", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2018-8014 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. Tomcat Version 8.5.100 is not vulnerable to CVE-2018-8014. Confirmed by manual code inspection and security advisories." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8e84d78e-e247-53fc-9877-46fc3e28b021", "id": "CVE-2018-8034", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2018-8034 does not affect version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el. Tomcat Version 8.5.100 is not vulnerable to CVE-2018-8034. Confirmed by manual code inspection and security advisories." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:93d85000-7301-595b-bd79-2067157c308d", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fd6affb2-ede3-558e-af47-5294e323b966", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:04bd96df-2c34-5c0a-b3b1-b4eb8aa25855", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0ffdac22-bdd3-5154-a4da-7a46a8770218", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.tomcat:tomcat-jasper-el 8.5.100-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:696eba0a-2f76-5799-92c6-eee9df88afdf", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6100e30e-2e6e-5f81-b4c8-b6654025e5df", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:14e70130-4085-57da-8692-4ffa0a9b3a8a", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:159f5440-92a1-50c3-b6e5-7c1ad5f5d319", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:08e209fb-4eb3-5cf8-a635-910a394b1014", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1d083f61-8201-5535-a3f2-548a12657d7a", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0e1049af-6d4c-5e1c-869c-33cc797e5781", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:015c51fb-b836-56d9-97d8-488992bf08a6", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bafb4487-0d34-5f38-baa1-b0475e85e7ab", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:61dc2df0-b61f-5584-9295-8e5efcb2a76e", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:30f12435-c4b0-5e5b-8e5c-5d88acb54ef4", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bb372342-0a95-5138-b49b-8fb411374912", "id": "CVE-2024-52317", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52317 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:dfa01d4c-2685-5d8e-acea-995831716849", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:51e85eed-e420-5487-bdbc-a235c5a92fff", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:79f43f03-490e-5444-bc5a-ed086d57df56", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1a959315-073a-5616-bdc3-05ee8475cb8b", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7b5d764e-e91f-5e75-a2e2-042d041e5ff8", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b3b41674-7548-54b3-b1ea-12f48e7f6765", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:18da93ad-1f29-596d-9a1a-ae3468120342", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a480fb94-164d-55da-a6fb-e0efb44a735f", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0b4fc9df-4dce-59d0-b324-2194f5321377", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e76223d2-8d33-52ae-8844-871eebfa15d4", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0bbe6440-53c5-5833-b29a-b88ecef43574", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a7a20a52-6861-555d-a1bf-eda9b59356c6", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6b0f6997-7088-5724-a7fe-6228c59afa0b", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:07ca44e2-8239-5b36-aec6-7e86c54ba3a7", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3cad04e4-b8e4-5b1e-83ee-3e03df58361e", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:08dfe3d2-8e58-5348-903b-dcc3e863be59", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c4779315-f65b-5b48-b715-90b5f1c875fd", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6eca3017-e31e-5a78-acc3-ca304167f82f", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:be43c414-8ac5-5605-8013-b5f357a65454", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:10314bc2-1c45-5a85-bd3b-8db0c220c403", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a09dff0e-3b5c-5b8e-8cbc-df5dcacb4904", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:393bbeb2-8592-5a4b-8a3b-65b6b56acbe1", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:259004ba-cf2e-53cc-b2dd-c28839737981", "id": "CVE-2026-41284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41284 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6aa0aa8c-0bfb-586a-95bf-8c3ec43e4646", "id": "CVE-2026-41293", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41293 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9f2b85ad-7c8b-5dc9-8dcf-24569b9478f7", "id": "CVE-2026-42498", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42498 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:34bce8aa-73a4-51b7-b879-ec461fcaf5c9", "id": "CVE-2026-43512", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43512 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:91121266-b67f-5bdb-a8f4-e2ad0a2c031b", "id": "CVE-2026-43513", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43513 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6a18e2ab-5202-5630-8b23-05239ee5a163", "id": "CVE-2026-43514", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43514 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:802908ae-6c57-537f-ad7c-5220cc203d50", "id": "CVE-2026-43515", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43515 affects version 8.5.100-tuxcare.6 of org.apache.tomcat:tomcat-jasper-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jasper-el@8.5.100-tuxcare.6" } ] }