{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:146e412e-0462-58c3-a502-28829bc85652", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-core", "version": "9.0.87-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b5fb1a10-6cfb-5fcf-a60e-217488fba627", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ee17daa9-33f0-5373-8491-01a9ce73ee5b", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36a93b4d-d105-5592-83b7-58709699e35e", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66bb9c19-a664-5ae2-84cb-7816b6f4e40c", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56dab0ec-b9d4-5ceb-8fab-67007ed95899", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a1dbe4fb-1137-5ce6-ba2e-6e49ffa56fcb", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4e17f74e-8d35-5bbc-8c81-14ede74bf52e", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e7931a77-02cd-5425-b4a8-85661fd97ca1", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:538254dd-5b5d-5a3d-b73b-27d69024762f", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c5b4073-717b-559a-b5c0-06d34d8f2d99", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c9ae8ae0-5cd8-556b-9840-92c23fb45758", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:de577e1f-e427-55b9-8b65-0aec9f4edcce", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ac24011-3b83-5ffb-88d8-242f9b5d8a3d", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6bf872cf-d41f-5634-960e-1f7071049d09", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3de627f0-54c5-5c9a-9e4a-64d45a948530", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b683687-3d34-53bf-8038-afa376141c59", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d8684a57-a54e-5c73-babc-8c139d563483", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6df33212-7da5-5fa7-b99f-30b8345a0d92", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:accb57b7-c033-5594-a121-b0b147e68523", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2a262b05-2cd8-51e1-9cab-159ab3f21b4e", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:94a260ac-4127-527b-8e66-0ba1a5224dac", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1521e0a7-c6b2-5b78-940f-b83ca8c515bd", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:665c0ffc-3d0a-5f9e-98f9-250f29ae1c71", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9f2872b-27d7-5ec4-b9b4-dadeee0e17c7", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be0bf256-1a58-5dc5-8905-8b9b0cb4582d", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:166c2ff8-2af6-5197-b005-7a3d15a684b8", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3597a350-0171-5b47-9001-4a1f24ffec10", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f1651c4e-baa4-5eab-8581-cdf46e62f7ec", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2f8a128e-3b09-5e0d-b470-4905be026e71", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb4c5727-2153-5b59-b55a-c265b37e5ba3", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe6a1c8f-87e0-5289-bceb-5b3a42060899", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:05bd349d-a5ce-5f2b-9d38-a1b2b186a760", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18f88af1-8d75-5dbc-8a49-eb53f8302398", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6e1090bf-e98b-53c7-adb5-f04990323498", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8c122d0-18f4-576b-b034-5e576fb611b0", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:429d6caf-26a3-5a71-8602-b67326af24b4", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e0677179-724d-5215-916f-353390470221", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6537e5c6-dbf5-5d66-8eb4-72358a9af1a1", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1e5d5ac3-5f5c-5dd1-b66c-f1662b5142ef", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5dca89b2-cb6b-52e0-bfeb-4573febf2ab5", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ca67fa0d-1d34-5a6f-b4a1-3810c8e1428a", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.3" } ] }