{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ef9706d4-d7cd-55e1-b4e1-defc18841096", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-core", "version": "9.0.83-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fb4a5289-0b5a-50b5-9cb4-be7efa036ea5", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c484d579-7708-507b-a105-69f153c88d71", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b30b3af-ad5a-5686-a261-0a42095b0bec", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e631a75-4068-53ef-b071-45797732b738", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d0c09ee-eed2-51bc-ab28-fba482f224f6", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c00e98ee-cc0e-5f0b-93d4-ca376ad723e3", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28b76b55-396a-5151-b005-df95a3e82634", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:484058c0-2ee4-567d-a1ee-6a811ee6caf8", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a229e727-3b12-585f-ba44-05da09ba7359", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b9782e9-7ab2-5b47-a915-ea1e58f490ae", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20c8fea1-a9db-5532-ab9c-fb47f47a4cd1", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab78b1d5-2b78-5a00-afe5-23420a6d55da", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc3bc064-6eb8-596c-b158-288a751fb1d3", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:315fdafe-1857-57cb-a486-fead14018b3e", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eed08088-7e48-5487-a3a6-667549e9e701", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:085d7379-bed8-52a7-a37e-a870645b7e93", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34f0ef1b-e910-57ac-907e-ec2649705a2a", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:feec6472-3c30-592e-ba49-11396819f4ea", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78694b5d-3f3e-5eb3-8807-fd72b7dbb0fa", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e01b6114-14cc-5b9a-91ef-0ff119b48259", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:460257d1-a633-5266-bf8d-9d0b05c9e67b", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7de8e214-64b9-51a5-8a13-c1e3807e60f8", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f37a7251-86f4-5f2e-8550-a90bf51a3654", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7aa0260d-f0a2-59b1-bfb3-d568a4eede87", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da2c83ab-28c5-5a04-b0ea-2a11b8f24ec1", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:175ad6f2-3e6a-5985-9100-c52588ca86ba", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13e8d12a-aff1-533b-8624-a983180e0870", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.83-tuxcare.2 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83-tuxcare.2" } ] }