{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2bf53f25-8a8c-5de9-b79f-432e1bc17844", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-core", "version": "9.0.46-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:87e830e9-b63d-54c3-90e9-9a126fc84ba6", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6edf8267-9920-54df-92d9-80e0f3ae4867", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00b76a40-c19e-50b8-8b0c-dfc3b7e9afad", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a1a325e-a15c-55d2-b25f-aa4bfc8098e0", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c73c2ae7-33bd-51e1-bbc1-6af336c5f0ba", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e5325cb-e07c-502d-8846-cecbd16f3ed4", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a94c366-5d9f-5487-8d62-1892e676e0e1", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b817685-97d4-5452-bcde-01b216b40251", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8895d171-c859-51f3-ba77-0d0c267dc80f", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3bd4c7bd-2ad1-5e63-ab93-f1fca285d027", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88cec86b-ad6d-51bd-9ccc-7987131529f1", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0aeea60-bc99-503c-be5f-bd5098116ea9", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d195854-ebd1-5eb8-94bf-d22a37680d6a", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8ad1b4f-5083-5989-b0f4-4529b8752903", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7da9cc7a-10cb-572b-abf2-6c740074ea12", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abe9b7f7-f99c-5578-8d4d-bbd8ea0ce6b3", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:474b73b1-93ad-50d7-b98f-21255107b7c3", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e147fd41-2aca-56c3-9feb-d460cb1591bf", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82f5e249-a40c-59b5-841b-abe0365aa014", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb0fe491-bdfb-5f46-95a1-5828c0b9c22c", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7206003-8be9-5778-ba82-2b02b7c0b185", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:596b6cd1-cb82-5330-a294-84b0b7f0bc3a", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9f1427f-1517-5a3f-a6bc-127da365dff2", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02d7f61c-22ee-551e-b226-a72a8ced75a2", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5eff9a9-0a49-5f79-90f8-c743703f9b32", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ecf20ad-8cee-57b7-ab5e-94bbf10fc73d", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19574810-d393-5797-a21f-95b727facb89", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96fedab2-3e2c-5da9-a4aa-4d65fd677d91", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52039255-1c41-54fc-b9bd-fe0dfadd0f85", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a8c1479-e259-5b16-b3cc-3908bfc6de47", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35d6f38d-4aac-5c36-8615-88cb6a8d9d1b", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a51bae0-505a-5567-b651-7f8536b43ab2", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b54d4730-643e-55e0-9c6e-b2d560480349", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c677b48d-8943-5831-83a6-c63b254839c3", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c1ccb5e-57de-5034-8f97-b2e31da0fd3c", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:052cfc27-f669-5dda-95a8-9d9163ff3666", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:032e8b97-2fbd-54ed-8f23-512296313c89", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e864d791-d751-5fe6-9f91-f59d370022bf", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14040df1-4f9d-5900-a7d3-2170a1a2bf2b", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a67236a-f0a5-56b8-aa39-6c2e89b8f4ad", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2817fbc2-4f23-5647-9314-8d6e75512e5d", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd83135e-56a3-59c0-980f-f01262e26e0e", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a9985ff-d8f1-5a61-80b8-183f0075ee6e", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9bcf227-7624-58a0-a735-263a9791a6fd", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43da9ea6-6fa2-5df6-b1e3-f2b3ec4d252e", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3641684b-123f-5594-b3bc-ad14ddfee597", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:972c6fb1-a177-5a5f-88d0-f81628283e23", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0ede7e6-0116-579b-81fe-c30212bc6857", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b3bfe26-9573-5a29-a350-d0c43d91df0d", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:340d3dc5-0291-5438-96c1-09b279d884cf", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28227af2-0d35-5d9a-8b6c-5b4fd654a6d1", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.46-tuxcare.1" } ] }