{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ab990937-e9d8-5bce-a283-52ef1519c967", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-el", "version": "9.0.100-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a44dd992-4fe7-52fe-a710-85f8f384318f", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:03c538d4-5985-58b8-a67c-044e06efcfa4", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e0f17ec3-8611-51a7-8fc2-8a56cf608edd", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf95e7d5-c571-5550-87cf-b9732dacd800", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c606b5a-1c02-5243-99bc-00b84246461f", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6b98ae84-ea07-53cb-ac2b-51d58392ab59", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:05ed4604-fa18-5670-a4e0-dea883e752fd", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2594ac8e-5f03-5232-a3c3-30e8b6875636", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:08959bb5-e22a-57a6-9424-661dac642188", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d40bd6d6-4ede-5116-8da3-bedf53a6cdc8", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5be2ad8c-f6c0-53d9-897a-ab2beae46826", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d8082681-9bdc-530f-9146-3cf7ec41e556", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:14e36986-f5a0-5935-854e-5d48f484a71d", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c5313f74-d221-56e1-bbd7-522b67870255", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c68a394c-0186-5998-bdf1-9654c0427240", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a562968a-bd35-58b7-b2ea-74fbf371c937", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a4ce5c9-98d7-5fd7-877e-3af26627a650", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae0507cb-abe5-5c04-b59d-55f7b66cf2a7", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c064f730-3240-57c6-9cb3-598512870f41", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11ce6091-87fc-59b9-8089-38ef42e1e891", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:767758f7-582e-5dcb-94f7-85571cf7cd0b", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30dda6c1-7ae8-5168-9897-3656c9959831", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2a31e5c3-08d9-5d48-9960-6831afdc308d", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aea2d643-3819-5e94-8053-efa20515bfa7", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:176452e0-408b-5a1a-9e1e-b8636bc0c295", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:26d16773-8b03-5cca-a23f-0d0453d3c63f", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae7e45ed-dbf2-5a33-9930-f73900f1daa8", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1068c778-a485-5522-a0ed-cbcbb430e0f2", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b32abee9-a942-5ef1-ad28-5d5a99b7ab12", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d90f5820-56d2-5a5d-8b74-32763032a074", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7df78bdf-b89a-5c68-b4ac-ea553e661cc6", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb96225e-877a-54cd-bbda-35f43713864c", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f199d5a1-1ec5-5c85-8998-8a4b10c9e1de", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b026320-1f32-5fb9-a25e-a360dafa360c", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d44ae240-3667-53ce-b483-d67b827e693b", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e548ffe-4a0c-5689-817c-5cdff0ccc81c", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.3" } ] }