{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:91b9de0b-6a26-512c-958b-c285d5a3a34d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4", "type": "library", "group": "org.apache.tomcat.experimental", "name": "tomcat-embed-programmatic", "version": "9.0.87-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9d7f02cb-12f8-5e2c-96e7-a6790cc9c2f1", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1edef9d6-600d-5a5d-a0f1-1d66e9060b80", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:40137b77-7b6a-57be-a130-ff7892d1688e", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:78672af8-75c3-533f-a33f-81979dd6d7d0", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3a6d5c98-ebcc-532c-9ad3-09cac6681bf0", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9abe739-d6b2-5b35-a594-010c56c2194c", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37ed3cd5-043b-54e6-beae-040fbd9041bf", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:39cd3206-3271-5eff-8f0d-949fe43ef0c1", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7011ffb6-955f-50ac-8a8a-1024f2cd43d9", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:70a7dc1b-8c61-5c67-859a-0af0e64eca02", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a38f32a0-44d5-50fb-bce5-0c8016d179a1", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aa720a29-28ca-53bf-b055-38617b39a270", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9f1afdab-0842-5784-8301-20cb15fcdf49", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:44b687ce-105c-506a-a600-b75bfc0d952b", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b694a66-a721-5599-a890-ec59ad0c4e1b", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8ab7fde3-5fdc-54bd-8c4c-b80e5051f058", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:178e1f8c-ff57-5ea3-819f-04a4eeca80f6", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a847870b-c46f-549f-adcd-0bb02c21affe", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b729d122-a472-5596-978d-f0db38cca056", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f7239fc9-b586-54e2-98fb-6eab89365db7", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b1f63f3-1885-583a-a3fd-42473095919e", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4610fc7a-ff84-5dce-a568-51ae99f4e381", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:73ca016c-e306-5f20-adc6-a1226f52c57b", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:04b071b5-4fda-528f-a5a0-09b410ae1784", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e2c6da09-b0c1-544e-a2c1-1dbfaab15599", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fbbb8d5a-fdd1-515f-809d-c8bfb6cd5fab", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:36c07983-0758-54f4-8bb4-e4e6b7941074", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:87940bd4-53fe-5042-8003-b26d925aad4c", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1f7ca932-ae53-55ac-8c75-41c05b93584c", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5266f98a-4eb1-5583-abb4-d85db4504d94", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a99f5d09-565f-51bd-ba31-eb11fe854744", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:35d4902f-8823-50b2-93fe-01e7d2e09d30", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1493116f-4d12-5fbe-85c1-bd4e3b403fae", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f9a610ba-851d-5f99-807e-ee10b16ba94d", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a96a5b9e-1369-5778-8f0c-a78e3808ec8b", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0aaebd57-5fe7-5f4f-a319-e0dea93be4a5", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2ec3a2ed-5947-50fb-b2eb-eac1be6af0a3", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:59a3c10f-01cb-5f90-a396-73ba369b0574", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c2e2637c-afd1-57c0-9671-405e928233d9", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ae49f205-dcc5-5f61-b90d-bb79b7d804ce", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:711e89f5-4526-59d7-931d-8adeb353b407", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.experimental:tomcat-embed-programmatic." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.experimental/tomcat-embed-programmatic@9.0.87-tuxcare.4" } ] }