{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b2373b03-20d9-5ccb-98a5-6d7ce8500027", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-core", "version": "9.0.75-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:411be7a8-eaff-53a6-b1ba-de46636124f7", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5d944121-308d-5490-8b5c-7a6e0b123b7e", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b3420ca-33cc-5057-a396-7d26608cc2be", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e38b127e-c055-57a0-9516-d88cb9d2d886", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a1ea259-7b87-50e2-bf0d-f559a3d86606", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:86733eba-cd40-5ed4-83e8-73765d68de1d", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6c586253-5967-5050-99e4-a9ecbdc5a5e0", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:665327bb-27ce-500c-8712-8cde527c10cb", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a38bec5b-c395-5626-8f0b-1215b53858eb", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:68c7aa58-7262-5f17-b555-c698d0a81fdf", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af4ba3d8-e6bc-5076-8a40-b8729d42abfa", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0a519b3-6571-53d1-a6db-a2336995b34b", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2208b44c-81d0-503a-be1a-915223518153", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:060ac2ea-2922-568d-9d26-2ef62e820b41", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a44d94d5-5607-5829-99f3-d664c2911ab4", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a1787835-ae53-5c86-9f10-e6b1351feda9", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6368d5d8-2b1a-58cf-9132-6069956e1f05", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e71acc98-eeab-54d3-b79d-f5d6f68fc820", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36219650-15f5-5f0f-9a6e-185e520ee04a", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c8b57ad0-eccc-55dc-8b92-871c9ecd8a9f", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:94f0bbf6-39b2-58ba-8e57-e4159c595a4b", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f45c320a-6401-575f-84db-98b3f37b4996", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d3dba91-e5eb-5203-b253-1d55f0aaa12c", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c4af01bd-ef62-5679-a7d5-9ff403de8fb2", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d9ff037-5faa-5d00-8395-2f173fa0a908", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5fc4db8-808f-589c-a625-f58ef73abe1e", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c05a0ab8-2fb2-592e-a013-34082127739a", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37f0b47f-167d-5f96-b12c-de6671331e74", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0dad22b-f5b8-5748-9187-a7b0bfc49c1b", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8addc4bf-1f26-569a-9f13-7fbf4efff199", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb81bc60-a1eb-50bc-94b8-bf99553e3e18", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad933039-e38d-5be2-9a3f-0e5aabd176db", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89c2c60a-c0f9-57c6-aa01-491bf58137ba", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e840d2f8-e99e-51e8-b97c-1c3a67f80419", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:68d2806d-2071-5679-9c97-0adb7978790d", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb545536-712a-5902-b2dc-fb008b679fc6", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db1bf9c5-f4f4-59cc-a582-b6e2cd2f99e9", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:03532630-6752-5139-a798-380c0230c56e", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3ca5e27b-8082-5137-9451-aebfa3753cd0", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36c15b3c-fd63-5a8b-b955-ae01cf839bce", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30965555-d946-526d-a2c0-baceec0d8a7e", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0173e24f-648a-52a9-9cbe-2c128715c9a6", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0e2b1692-1244-57e1-9584-733f0cea6cd9", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a3549f1-2ee6-539a-8e7f-900c85b1abc6", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7342d777-25be-54e1-a3fa-5b7a0e92bb21", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.75-tuxcare.3" } ] }