{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:509c1e5a-c357-5d18-a71a-4ade0660a7ff", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-el", "version": "9.0.83-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7e7c43b5-0eb1-5c6c-9b6c-43f34c3a4208", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1347053-9650-59f3-b849-8a3320b1baff", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28d27cfc-3be6-5080-bcaa-6e8b985d4f49", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c817beb8-ea81-5fff-b5d4-3ab9fe3ebf60", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec77978a-a638-5df9-a9dc-ada6fb363d9d", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c714b0b1-5066-553e-b797-b23897861b1c", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a677ba98-146e-528f-a09a-8894d6f0d05e", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de26342d-e0c8-580e-92eb-cac421db79b8", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:225d1600-eb4b-5b18-b8e4-7ff6fd690d0e", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2dc78c92-0823-5db6-bc53-f0f78da41be4", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fafe68db-6244-5b07-b1f9-ae494983e323", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39b31ef7-2042-517c-bbf6-4793626fce44", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a285119a-348b-5f46-a2ef-9f99efbfc844", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27697e6c-bc23-535e-8fdd-0204f5ef0ef6", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd322c1e-8687-5f62-8c40-888a14e186e7", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a51fa5b0-3f11-56d7-92f4-90a8512904b8", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ddb841df-7ea4-5a7e-8d9e-8bb029ac608b", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72db1fbd-1536-5ce5-a0c9-1828b20f20ed", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4972ead9-2247-5244-b209-9e0ca1b8a6b0", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:971003a8-5123-5769-b250-2d1d7a871d29", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c3f7c7b-a00c-5e05-9b8a-9888ff0e18de", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:764908cf-e606-5e2f-9ea5-1bb271bc8d6a", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:905c1c39-b67b-576a-996a-de339fa6b5ff", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1cf6129-171c-517e-b0c5-8647c35ae7fc", "id": "CVE-2025-55754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55754 affects version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0fa2b63-a24a-525a-ac8d-842fc9becdae", "id": "CVE-2025-61795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-61795 affects version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34c257d3-bdf9-5009-8966-8529b0912989", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ebb14f62-1434-508c-8578-1ed477f95b36", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.83-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.1" } ] }