{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7c17e7d9-4bf9-5fd6-9441-a19d0775df37", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-core", "version": "9.0.87-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ed7c2827-08e2-54c3-b9f4-8d240988bd65", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64e8b0b2-65b9-5122-a881-1e9f0e1e7a72", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bec496f9-3d40-5b32-9f5c-bfd5a66f5722", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c124ee5-9d2f-5ed5-a667-b1ee810a61d0", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23730b68-ee05-5e21-b158-9881968cef53", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be87529e-8812-581d-af28-2900147d648a", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f5b5db4-6c52-58c3-bbcd-55094ae6d453", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30271977-048d-5e54-a5ed-8c6466e41971", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5697e13-2d70-5cff-b92a-d32249df979b", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:634319d2-d5e2-5499-805f-b028be077ed9", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40e0b7ea-8dfb-58fc-8285-a0e548b1444e", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e06a67bf-190b-5561-91ba-c0d15da53c18", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92c905ea-d31e-56cf-b957-3f2c0fa8fd86", "id": "CVE-2024-50379", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-50379 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d63097e0-0a99-5a06-aaf8-12bdce97bcbd", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81d9c42d-81a2-5539-bf04-013da41efe21", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0fd8ee0-7e6e-556d-928d-dfde7a7ddb70", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c06f61a-6f83-52b4-8f96-ba22d68b1355", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0632d5a0-ca58-51e6-aa0a-76117f6ce13c", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7d176fa-875b-563f-b384-08144340ddb7", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6414fcdd-89af-5128-bf50-73383944db48", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1274148b-1a67-5c7b-b0e3-144299a5a147", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2c383a0-ac18-55f9-b2f0-9f787d4e09aa", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69042d84-c8f4-5453-8839-b1ee293b8a77", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:640cb00e-ec3c-5e55-8a03-37b7926a1926", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32c30eca-5452-5f99-9bc0-5e76b62d71cc", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:175c8c4b-327c-58c4-a3be-9ad34bd7a79e", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f603f2ac-4f1a-5017-b6ac-caf7a67ce0ea", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c035700-b39b-597d-a73e-0e4cf36f21de", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f294246e-1df2-5f02-82ec-19db16347dd0", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f502ade9-e1cd-5a0b-b13b-3daef6d688ed", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7125334e-de1b-5f81-8806-1c9bb471cd62", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1701a7f1-718d-57b0-b06e-6e5ca7284538", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb234584-1afd-5354-8772-e750ade9bba6", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00020816-492f-50c4-9c09-5219212ed22d", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d5e7ec3-1294-560a-b384-5cc8ac74d6f2", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93d63df2-b7b8-5c9f-ab17-62d2968ba1bf", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20b0c59d-1faf-5c3e-8414-cdb1bb1c2634", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62acd126-0491-523c-a5f3-20e7f69dda47", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:437f1c28-ec5d-503f-9f8a-222b811de33a", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7ceb7ec-57fc-5f4d-8bf9-50b57645d8f0", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8db53d65-4a01-5853-9e3a-535e4cec3e1c", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.1" } ] }