{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fdb26e81-b418-5f31-90ab-f6f06a6d2f3a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-el", "version": "9.0.83-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3743e105-00a0-54c1-8945-253a24359810", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e5e569c-cc1f-5033-a2b8-f6460a440c2d", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a342dcf8-9c5d-5fd9-a992-32ef0cd61c6e", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2c596f54-89d8-5724-af6c-60ce6d64bae0", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4818328d-2868-5e0f-9d1f-003efeb8b3f5", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25c243a1-d9b8-5dbc-9f63-eb143cd82665", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d58bd138-6b0b-52fe-8324-eb3d73d61826", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b6f06d2-c55c-5bd8-b343-eae24fc62124", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20ee0513-3fbd-5137-bc61-85de4484fd51", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ab3ea632-0ec7-5c60-bb22-19059448201d", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f2fcc19f-7b83-57d3-903d-88a4d0ab9d8d", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77962afb-bd47-54aa-81dd-9e1940dc96ef", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:779ba456-c0dd-58aa-b94c-e1a38660789d", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3ede26de-8d4a-5bd6-8627-421d7d664340", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fab7e48c-7f80-5e27-b4f5-aaaec563e369", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:46f41284-8338-5c15-b7eb-01d087226959", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27e9840b-cc11-5642-af63-e16ccbf2c7c6", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d52e28c-57c6-58f2-bb88-dc79742d386f", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e9fa71e7-b194-5420-9951-055ec138482b", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d783682-9635-568c-a31c-e63847b8eb27", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be0ea7c3-25a5-52a7-9a57-5c83517f7dba", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fde004c9-23b8-51be-8172-3f801a8c72c7", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fad380ca-b11c-51ca-83d1-4de0d12ac3c9", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2f2cccc2-4c23-5160-a63b-c78f0916ed19", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a9625946-4523-5d29-a538-a519c41f0898", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d9f26857-e1c1-5582-8a68-7521a8aeed13", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ebd019a8-1912-5053-85e9-212c72014f26", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.83-tuxcare.3" } ] }