{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bea91ae0-dc6e-5baa-a3ee-94c318d8a92a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1", "type": "library", "group": "org.apache.tomcat.experimental", "name": "tomcat-embed-programmatic", "version": "9.0.100-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:778910e1-72da-5e8d-8a43-15689d84985e", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60c4b8ae-b37e-5663-bd4c-844d8e7e5094", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3897ea3-b1ef-5a7e-93a8-cc337b7be91e", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f893cc3-791f-5a0a-aec2-0521d9c58595", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:534c7ea1-0a30-584a-bb48-117615496fe4", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9cb549c1-4338-50bf-aa86-32e1568411aa", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:418b5ead-de57-5e70-a12d-4fc358a9db36", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3c0a373-441a-59ba-92cb-5a1b5b17ab20", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0967a596-b5cb-509f-9cad-0981d87db64f", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99e0b4b9-588c-54f1-9f00-86e9e05f92a8", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fcdf111f-133f-59ad-8024-bd1b783243e9", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e895e4a-93b3-5310-84d9-4d55e901722e", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bac94478-6420-50e0-a7d9-239a6db60219", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3aade1ca-af7c-5edf-867b-0160b4d688c6", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a331c25-9baa-55dd-8a40-7c282c8f2885", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94619882-6783-55e4-9a69-18d4359a4482", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e2d9744-9a77-5228-baef-151dd2af6cbc", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f9bf520-df3b-5f0e-9f0b-ffb5e49ec9e9", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc0baa72-5433-5863-a7b6-dc7b5594a090", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a79d1c6-f9e9-5938-a4a1-9061452be3cc", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:216747e5-3339-5720-bb95-36db7b266c1a", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d4f40a8-b878-5472-9ec0-4e563079f1e9", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f3a74b1-07fd-5421-af16-5f4708ab1069", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:949117eb-fca1-5250-9684-e631fcdce54a", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27ffa028-08eb-553c-bc88-2d106b395288", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4546b84c-978b-5ff2-8bff-f0651c5e5ea1", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5eab704b-201a-5ee4-90b1-dd4d04a4aa29", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb03ab66-c5d5-5396-9e4e-11685d96a189", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cde2fa08-cd43-5c06-a6b3-c29b35067924", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b106ff7-43c3-5ee4-947a-4be1ba59caab", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9eae97b0-a499-59dd-9b84-403a986273d6", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d933326c-2a63-5d08-b6c4-cf89399bd92e", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83b58f12-f642-5bf9-bd94-827444cb3cb5", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e4979e0-9128-502f-8f70-2150ed51e9b8", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b728b1b8-d0db-54d9-9f37-7224e4ddf9b7", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9941715-a2b3-593c-b3e9-2420be3a8331", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.1 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.100-tuxcare.1" } ] }