{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c1f107aa-ab81-5b08-80ef-3c3bdd1a6ba7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-el-api", "version": "9.0.75-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a5e51dfe-522f-5e7a-89da-20de5e1f40d1", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bf6b53cc-b0b5-5982-8a98-9a6e4aa211e8", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3ae32790-2c09-5a8e-b9c8-0f11ca32ee5b", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de5c105b-fab1-52ad-8617-a340a8543b11", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:189e2f40-5242-598b-8944-9f6a2f5a1292", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8293c825-9f5a-5212-8e52-c089c3e1c0e2", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7edc64ea-0f48-5e94-9cc0-36b8aaea004e", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:88fe45b1-dda7-554a-97da-f4248881cde3", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:76b8067d-eae3-546e-996b-0766f3773326", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:028e6e70-39a7-5f9e-a534-0d5a9f7e3dce", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:21309151-700f-5d1e-a104-f99298c0b0a4", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:11f18ed6-80af-53e4-b636-d2ee0e3d188f", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:684d2096-5b47-51e4-aa9f-712cbdee8c28", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df5f1cc6-50f8-5369-ac69-5d0e71a77d71", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:97a6dadd-5f0d-5014-aef2-a47c7d2efecc", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9f6e34ca-5df7-52ed-b28e-0e1fce9cc851", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0a139ec2-823e-5c51-b479-c192f75ded81", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:51d8b1d6-846b-5481-a4b9-f2d8bd1978c5", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1e55cee4-e1ee-5ea1-a5f6-c09add3caae5", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a0e2d363-bfb6-5169-b6f6-e56fc27aa5e9", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1dc3d5c7-eace-5605-acdb-b0813c45647c", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:695b82d0-716c-595c-b353-00dfb6a95f1a", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7eb79ffc-fe8d-5cba-a3cb-db43cae6be48", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0cdc9fa0-23d1-5b16-ba6c-1704909d369c", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cc2f49e0-6977-57a7-b3ad-b1aebad1963e", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ee413836-84ae-5a35-80bc-4c379184e2e6", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d2f731a5-4b0d-5369-9d3f-913fe8ebec69", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:606b4898-7b9f-5f76-93f6-283678524490", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c10f8a25-f340-5a9d-9ea5-2f7b7281eae9", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f825caed-cf44-53a3-aeeb-72c8fbe5142b", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:01c05e63-a95e-520d-b816-b2630db543aa", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:97d4c08e-0db3-5d7d-9048-3ea0ec61f3c4", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a17fa866-99af-5139-a901-cf6de36ec8c6", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1d9e7dea-5512-5b13-9a39-bb0bf4d95664", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:40ae00e7-a233-515b-b8bb-e52d33f1ab3c", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:757ab633-e351-5e9d-9b9d-09ff0859231b", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c90932d9-c858-5a16-9108-ab06fd17709c", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2e750f1e-8eff-5ea3-8d9f-403a049c428c", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aa97f06f-9a5f-5cef-8ab8-c52622e4475b", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ed662501-0457-51af-9166-a06c3718786f", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eb238da5-56b9-518b-b1ec-6274a4d2dcdd", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:433ad877-0056-55a0-955b-3ad3b3b8140a", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:88c51ef6-d086-521e-9723-fc5366a905af", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7cd1c34a-ef51-5ca6-906f-c1e3057b4269", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7fc55da4-bf3e-5924-b729-72e88f7c91d9", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@9.0.75-tuxcare.5" } ] }