{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c98d3453-f298-5c04-8963-0bcb6474bc2e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-el-api", "version": "9.0.75-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e54b6de3-5119-50aa-8a42-e7ec1b5e98ac", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85f3fe89-9095-5ad8-9236-9195b5057a86", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a813f5f-269a-5d4a-aa06-a6f161c36b6c", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02194ad2-6c46-5721-a803-916ad3416631", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f5ae872f-0298-5a8c-9111-556051feb9ef", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b3d36ca-53cf-5eb9-a957-0b31a0d12af7", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:297256ac-acd0-5778-a1c7-4419ca3b9c67", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd217549-5ced-5fba-978b-fe6e683a951b", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af58bfca-84e2-5df6-a569-901a3e9f80a0", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7dcc2fc-178a-5069-a879-de8061b8be5c", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eea552bd-e60e-5c68-b172-af93806be02f", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:364fa064-46bc-5cb6-86e8-908fe963df1c", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d348e232-f155-5bef-b771-083bebb79078", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:714218cf-2740-542b-90b3-6975f120b1e8", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34dc8840-6b9c-5644-9724-a0846b33ca57", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95d873df-3659-5e1b-9b4e-ce075eaf349f", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1507fefa-7fda-50fe-a4ca-35b0c2f957d8", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37a13713-9021-58e5-8eb3-7486597bc134", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3ea3246-c0ee-53bf-b3b5-d050b5d8b496", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7025cc64-0c30-5fa2-9475-3ec58b8bec69", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df29ca87-533c-5bbb-ad5a-e9d935d291d2", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62c10586-415a-5189-9274-3585c7b115f5", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df2e56e4-333b-54a9-9554-6c5c20e51098", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:620d7d25-cfb3-5e17-8842-ae50f6e45f4c", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:163a73f0-b0d6-5dd9-a747-62c0af45f613", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84a2167c-3283-5114-8c0c-90c40cb5ab2c", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d36b926-4ec9-55a3-aae1-4b8728e31ca7", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2cf8fb07-0186-5325-957b-a479c8c47ec6", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40657e1a-24bb-54c0-b701-c30eab75067f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed6bfa26-5d77-50c1-8bb2-8d629737c9f9", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9b30ca1-c818-5f64-8129-5149277f2651", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92a2fef6-fb95-50a8-8cc3-f4eb4509fded", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2804f7d-0430-546c-9f8c-ff2172b2bb65", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c06d9060-6e2e-545f-860d-731153dfb588", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:331a44f5-51d8-5fc9-8753-53afdb839d09", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d185f993-5342-5097-a5f4-b09062b9d5a8", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:082c59a0-5081-5111-93fb-7dd26d2e9359", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dff00316-8169-56f4-8b21-8a66e92b9395", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a044ad5-4b91-5d14-96a0-aea2f84d1da7", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dca00a65-72f6-5b91-9e09-d8f7816c2ec9", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c675cb0-dbfa-5221-a1f5-d6d8e92e03a9", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb86013c-9798-5d90-aaf6-d90368c91237", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b7db1b6-aedd-5faa-9f7c-ecbb2e8be85a", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a75f5b39-1949-5103-9319-1cd07fc65421", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6cb9a2f0-5009-5df5-b1dd-18c1470a0c04", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.2" } ] }