{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0130261d-e43a-5ba5-be35-a36e1457d90d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3", "type": "library", "group": "org.apache.tomcat.experimental", "name": "tomcat-embed-programmatic", "version": "9.0.87-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ba9d9e2d-99af-5edc-973d-4aabd4b0676d", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:08626978-d568-599c-a5fc-07858e47c5e7", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ffe1bd07-460f-52ba-9f14-ffed35baf78e", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1f591887-93ea-53f5-b2e5-7cf866b3f01e", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e10663a0-caad-5c55-bdd8-c3ebddf12170", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78b05718-75c3-5a62-b286-b0b17d24bf20", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c24d8d64-1545-515e-930b-0779b63a91d4", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78bb3248-05d3-533b-97e8-2da839c64b09", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0f124928-d29d-5441-a7ce-124bddba227c", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9ed88ab1-0034-57f6-a4e5-9c60590a1bf7", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5cff8308-89f9-50c1-82a2-55f9aa2eadf5", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e3178de0-c556-5cb7-9278-e8a3ae70c007", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7dd49ac8-d471-5e36-ab0e-76d67da3fa3f", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bed2ac83-3bec-56df-91b9-7fb96191a4dc", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7f9ba2fe-f1f0-5c1c-b126-f4154e26d179", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:14ea0553-fcb0-517d-8ea0-a6b813812810", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0abbcd14-f6a1-58a7-b1d7-5c18f1774783", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7c9339d9-6764-5a0c-9e9b-fc52f1a22af3", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e7a01afa-89d7-5da7-9b30-3adcf6418df6", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c26355f-21d8-5a81-946c-e3034a5aa0f4", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5bc8a625-723d-5c2d-a174-7def1e2573cf", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:33681814-09aa-55c3-b1b0-1501c29d7d6e", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c8df02cd-f470-5abe-be77-35e63b33e638", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bf11ae2c-8cee-560e-a212-3803fd56228d", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:995eb974-c1fa-5aa4-9951-4006f0d896cc", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:199eceb7-8676-56f3-84da-5f3faac23402", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4f3bfc8-358b-5bb6-9c8a-33134708485b", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1e636e16-508d-57a5-a230-0cc8ef399ec7", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eed5c62d-9ea3-59fe-8837-21939b705a0e", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25fd3b43-947b-56a2-a4e2-3c343c9aa758", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8701dbf5-47bd-5e45-b7ba-aaaa962dff52", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ac52020-51bd-5b9b-958d-b565b4b37bde", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:600dd2be-fabd-5021-9e33-492d17c6df76", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:109c1a07-cb60-519c-8694-bbe3b51a655b", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f2fa9520-31ac-50de-9f84-4eaeffe3dbc7", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3dc68e27-c7b0-58c2-a5fb-36ceb2b11e51", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18bc927a-4156-5de1-955a-d0b3c31bbcbd", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d708740a-f416-5a48-94e5-13e7ea4e49c3", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78cb4f7b-c9f0-519b-9e1a-3305979392ed", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02b05f35-4872-555e-a32b-e3dad1a9c5bc", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:60f01ace-40ac-5c70-a61b-28b1d72ba843", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.3 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.3" } ] }