{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:560f3600-12f4-51e4-aca1-5d93aa4fdaa7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-el-api", "version": "9.0.50-tuxcare.8", "purl": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9457187a-cf30-5d3a-8d36-75e6f684711e", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:886baad6-f1d5-5cc7-814d-eeb4edd761e4", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:08a798a9-b906-566d-98e1-972dff332b52", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:5560e57b-b279-5627-a5d2-8e2664ba845a", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f8522559-c376-5185-924e-21b914b47f79", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c82d435b-2a9e-5597-9338-0225d756c3a5", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6fe13dc5-3269-5e68-8593-fb3fe3406d60", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:9332fb50-a960-59f1-b50e-28ee994df9f3", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:8becf0f3-eb32-5c1a-85fc-97ccf0a47e91", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:035b3bd8-a95b-501a-990a-e8fe76159842", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:60b6476a-8740-523f-bef8-b8501ca4f8d5", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:775f22c1-c994-544e-aefb-e8d28ae29f16", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:bc34a0b9-9768-5944-921a-7ad458e63962", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:894eceb4-da7a-5015-ba50-0af3b38f6c38", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:2d9fd9d1-1d72-5054-bcc6-abc1c611afb8", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:030c0c92-67af-5346-b729-721673f89d56", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:41f8dab9-3545-5970-b5b2-9509cfbfdcf5", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:1a11fb12-5cfc-579d-a37f-8250ad4d19a2", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:93c5453a-7dfd-5044-b93a-7b2370f74d32", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:81c5b74c-6b32-5e17-a607-8aabc6de0be4", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:fcf9e618-d511-5f94-a5a8-084c775212c9", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:480a8367-8ce7-594c-a14c-09395a188b84", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:bb15eab2-5793-5a9f-9036-683cdb94f99a", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0f605d38-58e2-519d-a6ff-feb00f97aaf3", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:ec9b5559-6ab2-5281-8819-1ba1dfcfa4dd", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:029a0d3a-1d30-5edd-888c-2124b154ebef", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:ff022f9a-c3be-5139-893f-11bad32ef94e", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:4fb47aba-d796-532a-960f-75cd34bcf73e", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a155e598-4b5e-5ecf-af8b-3f1f81fd9d74", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:224b109f-f987-57f2-ac8e-b4240b8dc838", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:9913e7f2-f6d9-588e-bc5f-65769e04036d", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e35653d3-f230-5d8e-b4ec-6b3569c3ed4a", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:7db81cae-50e9-5842-870b-b74564173b12", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:1f2f28cc-b23d-57ac-8621-889b0d25f911", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:d48b3136-d4f8-5c95-85e1-6090d20ee525", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:337156cf-4b33-5f02-919e-c7ccbf8725fc", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:3d33ef1b-919d-531a-9484-dc886681d1e1", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:8fee2591-6f78-5593-8170-e02f6e922964", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c439cddf-349c-5d7c-8803-8e799d1118d9", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6258f978-e417-560d-be17-16877e790ccc", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:d25b6344-e986-5db1-80a3-7e9f44544af4", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a29b9054-78d7-5ae5-9176-ca881d15fe04", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:d116a78b-70af-58bc-ab7f-61c12fe6d049", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6dd30aef-9818-5fa3-b51d-4a852cd90913", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:706de796-f5f6-54fd-9ccb-75b228f8f625", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:dd6887d9-a50d-59c2-8867-7b669babbba6", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:cff509bf-5564-52be-bc2b-4b4a575375c4", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:93d41eae-b705-5208-952c-079a15a40481", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:dfc7f853-1221-590b-8e7c-d72e71f0c8cc", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:13bf5929-487e-52d3-82e4-6c1a4a529e51", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.50-tuxcare.8" } ] }