{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2821eea6-9435-5f10-b005-7e6e8ac412d9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-el-api", "version": "9.0.46-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f8b8cb02-814d-550c-94d0-649652f20a14", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9403e43-9633-5b31-8bda-37a647070307", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6dd45072-cafb-52de-9ee1-2fbb92a62660", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:111297f4-209f-55e3-854d-63878003023b", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:791f2f78-4198-5d4f-a5d8-f4b5bdb42c7b", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:53ad6d26-f6a1-5751-8569-c423ddefb7e3", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:64007ab8-f89f-56f7-a50a-b6d5c82768d9", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8095a1aa-a4f8-55c2-8ff9-044ad27650d3", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4e8e59ea-a10b-58d1-9028-9a324ad3b5d5", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a93b7244-ac41-55e3-b1f7-1501af94373b", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0c5c4302-3fcb-5d13-acce-1efbc3ef44eb", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69e87e1f-452c-50f0-b9bd-04043997fb29", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:13092423-3555-52d2-a8b2-79c9f7dc7680", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d79569b-da2e-5e50-8fe1-615cb8b2341a", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6dcbb2b0-71e1-5821-9893-cf4b9965829b", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f651d6e-9ac7-5f66-8fbf-3174e23ecc8d", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d6fcba27-8fce-5fe8-86d2-aea19d3bf913", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8c5c09f5-54e4-5778-8d6a-9ace9ed78194", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f043f5b0-135b-59f7-aae8-7c70a53977bf", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:17e80117-b56c-5bc0-9956-1565f616eb9a", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8a33bf31-bdef-5c71-82ff-f05de4ca8d47", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d8f56a0-6049-5e49-934b-1a390a174e3d", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91327b06-bfd4-5893-8dcd-8ea97d73751c", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3c63aafc-dcf4-5bd6-b09b-11b0e03fb240", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e89e830-da2e-53f8-8f48-3356b4244100", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3a364c00-17c7-5bae-80de-1194b4c676fe", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:815be6d9-a0cb-55de-9ec3-5a11d1b85f61", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d5a6494-3e26-5825-bb61-778f1d36d114", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a5d3ba51-52ef-5339-b89a-35e235bbb96b", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8a54f34e-d5a1-5350-92bc-a2a13d29d32d", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe23ab13-2f2c-5d37-88fb-862aa886e63d", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d6c25921-01a6-5881-b73d-969e2e2441e7", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b383f459-6ab8-5379-a33f-4748f4587119", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:766faa3f-7dee-5ca4-bcb7-628410b41b34", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c80b2a92-14d3-58c0-ab16-32139f45103c", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:76eeef1f-d9cf-5957-a601-7af58995132f", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dce2a635-5023-50fb-bfa7-0f2214c23d82", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:18a81015-bd4c-5f1d-8e5a-a723fad6ae32", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:59a138b8-d7b6-5c5f-a49c-277a3c1eaa33", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:76ef8591-2817-5183-b4f5-f6a1ba9f8874", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:222cff19-7f47-5b38-82b2-271fd96396b5", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3a907ca6-4b67-580d-94a9-07f6022345c7", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fefd3506-30cd-55db-aeb8-540f11a136f7", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:752671e1-a45c-5ead-8353-e5f09327b4b4", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f820b7b0-d320-5b82-aef2-5c4cb7064728", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:301a69fb-e10d-557d-ba86-bc28387bf2ff", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:77db942a-2421-5e37-9910-3e683416a61c", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cd6ad691-fe89-56c8-8667-b0e2c9033327", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dc29590c-4c08-5257-b7a8-90da7aa21711", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e48fe79d-04ea-52fc-b3ba-0bf4b99c19ba", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37d61323-6cd1-5a32-800a-ae94089040cd", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.46-tuxcare.4" } ] }