{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ffa4bfc9-63eb-5953-b2f4-ad39e6d94f82", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-el", "version": "9.0.87-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:426ddcf0-3038-5964-ac4c-0c09414d9547", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b84f555d-5687-5da6-b58d-5080980a6e76", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7e4446dd-5d7d-5512-b756-7134ec2becbb", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b1815ce9-9133-5569-bbe7-e21b307c6722", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a6c27fd4-6072-51a4-bf36-2476712030a4", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f44fcd15-f8ef-5d7b-8f9a-93975abb69e5", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5421a629-22f5-5f28-ae52-757c7253bb08", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9e901f90-fb95-52df-b9c4-7676d315cd66", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cac2e9dc-02b5-57b9-86d7-c871a5f40ec2", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d08c84e-120a-5408-b179-6fe94dd39cfc", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:81e33f2c-5771-5a2b-adfb-8915783c3718", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b03d755-fa21-55aa-a098-ed3b36c01f19", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:abbcdebb-07a3-5d83-bb80-ef624e315c62", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7ded86a6-0a4a-5632-84e7-39c0933d8936", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ea7e8cf-fbc7-58aa-bfbd-f30ecb0c551e", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eeca05c2-6d0b-58dc-ba08-5772336df2f0", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:719b6ace-633e-564e-9905-dfbaf899a4ae", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:751b5b51-a185-55b2-aac0-8343891caca0", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4daf76dd-ffd4-5a89-9d60-242519aefe97", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:88391e5b-13fd-558f-ba49-56493c5a1558", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:755e7b5b-e800-51c8-b201-62e6ababee80", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89f8abbf-183a-5515-9f74-56bf7fe8feaf", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:071d4c9f-a8d4-5dcd-80ac-31c7aa8708ba", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:45a223ee-b7db-50bd-8034-97c3aa5ec04f", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:137d68fb-db65-51b5-a8fd-d254c549b700", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d1e1cf46-edb3-5c59-a2a3-745bf8a843ac", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69ac18bc-7273-537b-9826-3ef15219f231", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac22e4d6-6ad6-5da7-bb8a-4171ad897b61", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:27c8113e-d6e7-554f-b4e9-6e42151b638b", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:59d82ded-d6b8-5405-9092-1e43136d8ce8", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0a027e70-0b99-5cee-a6a1-5ccda2798df3", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9e6707d3-95bd-5be1-bb52-fde9eb5223cf", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:282f385b-df81-5111-af3b-ec013e30584f", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3405e778-764f-55ff-8501-887c85b8581f", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:73a1a1c8-990f-548f-b0dd-dce267440dea", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fb34f220-9f86-5766-a28a-1b15630af4f3", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:49173fc8-081d-5f38-a7ce-34a5f441c199", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9d1f44b7-dee2-54c5-ab55-9bb35a29632a", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:65e01ea6-cd77-5ca6-a4d4-8d967e9e43dc", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9a2f2b76-41c8-5a72-8d97-197e3861ee21", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:60e0bd37-46c3-55a2-9834-3e5648608eff", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@9.0.87-tuxcare.4" } ] }