{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d42142db-3f29-5fb3-8de0-1448d789512b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-el", "version": "9.0.100-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0a0fada5-fb84-5407-b6a8-baf319bdeb24", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:48055766-af10-5298-b66f-2fa1f0e2c3aa", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:deba4886-ed28-5484-a97f-83b750d51d84", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a526a5c0-7e98-52d2-80dd-861ce32e95c7", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8d9ab30f-0327-51b2-a3fc-4120d3a4fb0e", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fbbebf1f-dc61-5f37-a72b-f7163d57b582", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f4df7841-664b-5236-b7f6-77e2a9b2896e", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0a93e388-eddc-5b51-9257-e798bdb281c4", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:03408604-08d3-5fb3-a20b-5c94e05b7c50", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:45ed268a-4b99-5d28-bd2a-07555dc577d2", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7705f713-3f1d-5597-a021-72ad62441c34", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a732a2ac-55ce-5ee5-aa58-ad904e4e2eb5", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf9f9505-e343-5109-aad9-bbefc314a187", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf230ade-72b7-542a-b379-7ba6ef559e22", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e179d2a1-0b94-5b1f-aa0e-fc48dd47adf2", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1bfce1ea-6b5d-5227-9769-1d6be159d20f", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a4ca461b-06c4-5198-90e3-ff4889ef1f2b", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e9b2acd-e049-5e4b-a04c-3a106a3540ee", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5199298b-e559-542d-918b-2736d9a1a4d1", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:86441691-6773-5a62-a1a1-4bf2f642ef1e", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:46689d51-3930-50b5-b15d-a4e3e7ce05a1", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e67604b-93be-5073-b55f-14374124ca53", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b7779238-9e9f-5ab8-87db-65dae1d1c4b1", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5bff9cfb-f3bd-520d-99bd-7267d64f373d", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:49be27e7-223f-5b40-8c4c-ecb7548493a3", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:248d5bcb-93b7-5b61-a85f-89e4f385d6c4", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8c916561-98f3-5bb8-99d2-39ea4f8c260c", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:249a9cf5-f152-56df-9b0b-f5de6dbfcd62", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b8657c4-bb07-5231-9e6a-7ea9b35790fc", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8c95966-91df-5681-874a-a5c7a8402808", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fc55de03-dcce-5329-863b-f27fa9ea055c", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aa5560a8-b629-5345-9eae-fa1aa8b2938c", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c48cc170-6a74-5b21-82e2-eec5e0233388", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9a510954-2d25-569b-8517-6330c9b2accb", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:35c37aac-69a5-5231-b563-f90b0016c499", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:16ba0771-09ab-555f-abe7-f4601d9bd252", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.100-tuxcare.4" } ] }