{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fcf75622-3168-5f14-ab7c-e06ac3589a0f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3", "type": "library", "group": "org.apache.tomcat.experimental", "name": "tomcat-embed-programmatic", "version": "9.0.75-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ae32526f-6a00-5232-a4a9-dff287abd6ae", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63ce5e69-7203-549d-a0c8-452e9343996f", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a9d3268-1601-56dc-9521-08704ec2d8a1", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c8fa2fd5-9a7e-5969-b498-345712dae849", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4601f09a-e53b-595c-ad40-d33863cb5182", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7cb52e84-e453-52ec-a422-35a6d4bcb8b1", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1f67cc33-9297-55da-93b9-5d5401c3c33e", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89545126-659c-54b3-8f23-7f11fd8d916e", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:155de1f6-965b-5e46-966d-9fe716d8d1fc", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c25c05f-9021-5f8b-b0f1-d87714ad1e06", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:45fc9e40-e4ae-5353-a9f4-45aa80291438", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:91c121cb-b32d-5397-a4e0-9460f5ab63d2", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e3345ab-02e5-51c4-b123-ea596812bb7d", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:526a1db0-8a2e-537d-9e8a-3787cdc451a9", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f65b1910-cc9a-524b-bf96-4ac66aa428e5", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7f3a5586-3f5e-5aa2-b088-a80ce8104a89", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a856c958-7662-518d-8094-a8da2fb53cbb", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:303c4e2c-60b4-5c7f-9f5c-7c8d63b5d6a0", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c81ca2ef-c42f-5936-aa61-fab0e525932f", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77c7009a-80fb-5530-9b63-91aa77489e1a", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3cecf98d-2ca5-5802-8e6f-9e82593b8184", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f056ab00-3b61-5a4c-8ab3-612a5392dd27", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ec56364e-e9eb-5e28-925b-d7b694b58be1", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad6cad54-803e-5c3c-960f-717b828574f1", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4a7846d-a312-5c4d-ade3-3e1d22f700ed", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3cc7ffab-eeb1-5c59-9f48-15f4ce341f49", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3694bffe-93df-526e-834b-888ea8c78b4d", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:279dfbca-f719-5c68-8a14-27a311e89e08", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5d4a6e93-7d16-58fa-9810-cd05d417c06b", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5d9a75a0-827e-537f-9707-b1ecb646df66", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf6b3a5c-f794-59f9-b28f-490d8f9a4ca0", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ee96cd9-a00e-501f-9a39-1643315f3221", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2bf597d4-b9e3-5799-850b-621c9f2b7887", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:46f99a9b-841b-50e4-b83c-2d098390cbd7", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d493bcc6-558c-5abc-99bc-8d61d53f962a", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c1ef13b7-1974-53ab-8fa1-b7b922f9058f", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:988d554d-fc6f-5df2-a9fb-a9e7b1e436db", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c8aa65fd-cbee-5dc8-9e87-eef2a7c5218e", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0db3bed2-0de9-5907-806a-683582405ba0", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0e8e308c-328a-57f7-bdf3-9244d46dfc64", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c401d32a-da9f-589f-9ad7-91162f2941ed", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f3675e9-710a-524c-b396-dbf36fab4c2d", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ec1e0fe1-87e5-52be-972f-9d7d1d51c4ff", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ce5e1af-bc4d-5cc1-80df-fc820ce4003d", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:57b8680f-625a-5b0c-8582-020d2cba94a3", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.75-tuxcare.3" } ] }