{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8cf826ed-c10a-5154-bdf8-92d3580e4c95", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-el", "version": "9.0.87-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:244dfbcd-2b51-59d7-94b6-29c0e994dadb", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:015a5b22-89ef-535b-b810-847a7bb33444", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb99d68e-d52c-5078-b186-fa18445364c5", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b92932c3-8efb-545e-b771-cb96fdad2377", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b506ca7-d051-52e5-bb2f-b7b4ea8d34ba", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:446f0ffe-f17a-5fe1-8400-c16c60c82e5b", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b74e626c-8fc1-5288-8e20-c4d633a5ec73", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:585a36ed-d978-5bf3-80c6-a812e55f964a", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:06a597aa-9dce-5fa5-a0c3-cfd27409d6f9", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16b6d021-1577-56af-8719-8e4ffa6db7f0", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e39d15d0-43dd-53b0-9aad-14e378adfae6", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:870a0296-5523-5456-867b-099fe56977c3", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:964e675f-5206-5ef7-878c-91640367a174", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9fe7a851-a851-54e5-a63a-dbd131a234f0", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ee77f6e1-6f76-5334-8756-af8d32ccd579", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d8ae212-986a-58e5-8243-d9704c9f4037", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37eaa763-4c12-57fb-b3e5-9039325b30f0", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e1e22b9-b380-55c4-8527-5c24ee9824e2", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3e337163-bda7-5535-a3fb-7f173e98c0bb", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1f4efd5f-82ec-53c9-8e31-ebf9b5575c30", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d9ed1d1b-3b10-529c-9f05-c9daa33c0730", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c44d4f9f-8476-5153-9625-6ffbda2f8566", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d99d529c-d499-5d22-a6a1-ee1bec2a3458", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:121323ee-614a-5ecc-9b9f-6cd68693317b", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0fc932c-7343-5e2c-935b-ae2d4c7579d8", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a049a4d-c09f-523d-a0cd-ea3fe90015f1", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d93e6d30-d88e-5cb4-8092-a52114677166", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19035bcf-5b73-5968-b5d1-d83baf960601", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:53ea069b-23ef-5e2d-9c8c-dfff0766cc79", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6b22bba9-5852-5f15-9c7c-622791d2856a", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:022333d8-3b5a-5da3-aa4a-30e8874592d3", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e0014e14-ad52-5370-85e5-b2a2589b2a71", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f488b62-fa64-5cb7-96ca-2ab523989794", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a6606e7-484d-5622-84f1-e24ebdccb7ff", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e28b3ae9-c8ba-51c5-a933-9fb852e258be", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a92a4798-410e-5371-bb68-6029ece0631a", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:694a9643-be99-56c8-90f9-6f58765f6cd3", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a63866b3-7b7a-5283-b4b2-f1b413221d0a", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:acbaf5ec-b24f-58ad-a653-cf7c2ebcbdf6", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:485b1cd1-2f68-5989-a6ba-6fef7252e223", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:104514df-53c4-59f5-93c7-e61f0e6f920e", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.3" } ] }