{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b94e4ca3-ad95-5c79-b815-487027e29f64", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2", "type": "library", "group": "org.apache.tomcat.experimental", "name": "tomcat-embed-programmatic", "version": "9.0.75-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:715410e6-f825-51bd-9551-da0a1639d2bd", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f56fc70-0f03-5203-95f7-35137d95d5bb", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c60241f-a046-5093-9ac2-fe53d4eaf0b9", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0231c66-3d53-5c7e-b1e4-d72ae8d9bfb2", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:295df058-708e-57c4-9cce-640fce0b7efe", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af628059-e579-5c42-905f-8f79f437200e", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d23e4ba2-d80e-5c68-9907-30e65e60f994", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cdd85b8b-0a83-5326-9f6f-026204f2208e", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13406147-e79f-5593-8e8f-99d5c625dac3", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8dcd19f5-da64-59db-8c23-b995d98bfe35", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13520d04-b7c5-5f19-8bf1-08e4be4b9e9b", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19b2747f-86f1-5282-a136-c682b9ac7de1", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0ed490a-57dc-52ac-89dd-00a8b1faab29", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb579407-d7b4-5dae-906c-b860cf1b3d71", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42887828-ce32-54c8-bbde-82fd15f01df7", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d4a989a-3986-5497-b1d4-6dc2b88fbd98", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7cb31863-261e-524a-b3f7-a65a95bba385", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e666e58b-422c-5bdf-afcd-f8902ea8de75", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28f5df40-321f-5d28-b381-53515be00e03", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:745592a6-28b3-50e5-95f5-9d09fa2cfc41", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3fde514-62b1-5a2f-938d-296b2b5f146e", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e2b671fe-306b-5312-b938-883e6f1b6e91", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:557e29bb-09e8-52bb-9c9c-ee54d38c1e47", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8d2313c-8fb2-5737-b7f8-ea55907e9868", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3bed690-e181-5e99-bec9-2770514dc7a2", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:82fc3367-baa5-58b0-86f9-6985286071ac", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7b2ab61-82a3-559d-befc-369efede8928", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f21fb62-8fde-5794-b4e7-bbfdfce38747", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc86ef0f-bfd0-5cd7-9fdc-4c75701d607b", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1bb1eeb-15df-5f2f-beb0-6b756667404d", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7941a97-a8b2-577f-814c-00c690457d5a", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:240ea1b0-7c0f-5d7a-97de-247dbd7b5954", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b410e15-027f-5f6b-b49d-287d30c47fde", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c714c334-059c-5d2d-9c6b-71f140ad71a2", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f58fe903-6ada-58ed-8107-222cf9aa9875", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc9f43e0-0b18-506f-bbac-add605163cfd", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d55c4e5-17b3-5d54-a357-c6a3b92fdc4d", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45c137ec-2948-5043-960a-38fcd85abb3d", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:233cdf8e-b479-5891-816b-b9511d50c8a1", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4cd91e4f-5b6f-5b8d-b32b-072e0db368e4", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d31765d-e612-5216-b246-9b618e57c227", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87ce12d0-f637-581d-9048-ba59e0828d94", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9a5b028-bede-51ea-aa35-fca36ff8058b", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a337cad-9be8-50a1-91ad-1b4461f054ae", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20e42108-4a3c-51af-900e-c023c708b616", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.2 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.2" } ] }