{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1ed08ae7-6bac-51fc-95b3-30f404c959ad", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-el-api", "version": "9.0.50-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8d08b7ca-3d55-57e8-a70f-25a6cbdf701b", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25ffddd6-9b38-5ea7-b3ca-85ee6cdd6dfe", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f7cff5e-f7c2-59fd-aa25-903462208ee7", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3083bef2-e99e-5814-8d9d-502fbb284f69", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f4ec25e-23a5-534b-9e65-83e55319dad1", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9319423-0b70-532e-beea-4a1e577e845d", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ccb0ba22-b48c-58cc-9a8f-34fa74e56162", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:56519f0c-3db7-51d8-b3c3-a3ce7160f306", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df470bbc-fa7c-54d4-8107-0779911551f9", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88d7cb3a-8f7d-59d2-96c5-06fc54c57c51", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39332dc6-aad5-5ef9-b5d1-5b8dcb1b0959", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f2f9a68-b552-5f40-9fa0-289db6ba5c3d", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e82ebea-168d-5865-b759-276cb2ee0757", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:083d4bab-9d8e-54d2-80e2-cd8799febb17", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97a9b26a-1fa6-519a-87a8-287d44617aec", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7097444f-eca5-5c9b-ab21-8e6c0de21ca6", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8d538ec-3ef4-5e30-8f5d-515ac97bd8da", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c289929a-d803-585e-bb73-9e2844de6d93", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a283459d-22e7-5b71-8db8-a6794f14dbac", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa193090-f502-5b28-85e1-acf836267160", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c03ab73f-b121-523a-a6dd-44f4992038df", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de08d61a-6b06-5162-8844-9b11aaba469f", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b271e3bf-4f59-56ce-bef6-eb2e9667f0c0", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b75e018-884c-50bb-aea5-486aebea8068", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ff701d6-e3cf-5e97-8d1a-19a63ab1e53b", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:30f0b148-d6d3-5199-ab8d-20b78a868ae0", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9da4abb1-86e0-537a-8d29-3e5cb78e99dd", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7aab94d3-945d-563d-a0bb-786cd4483ff8", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aba6d30b-5359-5c37-bca1-374436e857cb", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0a73644-ccfd-5c5e-a688-c4ffe1497fb7", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d1fe05c-59ed-5523-a81c-fc9c2b1f103e", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a14ce1a2-27a3-593d-83d1-bebffe86ee9e", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34b21a74-e88d-5d50-912e-50398a16709c", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:54c0a455-92a8-56b2-a4df-51e68aa82724", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7955ba4-5c9f-5ebf-a76a-03dcd428e3c6", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5012e98a-8934-5ba0-a85e-c7b5ea2e4119", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d464cd34-454c-580b-afa5-84d06edb6f46", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7d19830-0e06-5fbf-8f28-f9251bf22c46", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d5bef06-a835-595c-8108-6ae4554ff0ff", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37a1616b-ede8-5cb1-9ab7-57371a84d3d5", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63156029-0ced-541d-96a1-d0b895bbaee3", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90a8f68b-4444-5c73-ae68-66cefade1676", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c433f1c-1815-51ba-9c52-cf751de7f182", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d3f5c8c-acdd-59cd-9e19-f0bc1297cf4a", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b431716e-fd63-531b-958d-29eac52b4af6", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db7c22c0-646b-5761-9260-76f6d0d0c806", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:957167cd-f2f9-5d7f-bf6b-90328558c570", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8faa6263-8b2d-52c4-a49a-ca567a06fa21", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e8b11e7-0009-582c-9464-487dc5977fbc", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b26cee75-a813-5754-9b17-fb03df3933c8", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.2" } ] }