{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:67318ba2-4781-5b7d-87a8-6019b8cc9d47", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7", "type": "library", "group": "org.apache.tomcat", "name": "tomcat", "version": "9.0.46-tuxcare.7", "purl": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5282608a-f612-50d7-a2f5-e3ea78b50ba4", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a547c083-f196-5060-8220-e920ef07a033", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d0cc4851-9c94-53a7-82db-e89108f7eb40", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:139d3eba-cd7e-5177-a3f7-0ad4c834391b", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4f21ec83-38a1-56d6-b361-d76c2abf5825", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:60fa2513-0eb7-563d-890a-c35da2ece622", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3cfe190a-0462-55c9-852b-3b055cd020bc", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9b5d41ae-4b97-5b57-82c3-3fea86b9de09", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7c8e8070-144d-5417-9e59-d95d1f73e8ee", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d7630b11-e3d5-5fdd-809d-7892ba0deab8", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:63e6e9a6-15e9-5500-896b-46a78c0344f0", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8c8a390f-e46a-54df-a0c0-d6c124974e3e", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cfed5c67-c780-5114-b6a6-616ba0842130", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:029a2526-2004-5630-b713-227f4d1e743d", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:47e433a2-b662-5734-9022-e7d3518f8312", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b715a431-8e8a-5c68-8c53-1e758ddd5973", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:59a073e5-018f-513f-bd93-946d47207910", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2532d0d1-76fc-5425-9b13-9f24fc00b834", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f9b27686-3d08-5017-a0a3-849a94c200ab", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:13162694-3e4d-5269-96cd-d54feec76f3d", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e6d08c3c-18d5-5dca-b094-cc513b4e413f", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3d5257e5-fa47-5848-ba74-34b929aad106", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8a271a26-a7b8-5195-8db8-bf22093ae8b9", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6edb56e8-5b26-54d5-a1bc-ce5d59ef8f2e", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:47760834-6319-5ccd-b0fb-f9c9949e09ec", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:830c2f3a-a9af-5348-ba12-05551e5507f6", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e8bd5fb0-e997-57be-9ed6-99b0083610ca", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bef74ef3-2717-5ad2-9c9d-974e595647de", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:00a04177-4c03-5ab7-a732-f180ac27d2aa", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c2898839-24b0-5c57-92e5-aba4c0be3337", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6c282faa-8754-556c-868f-3c4691e646b9", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:65de6c23-9845-5419-9205-707f5295d500", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:404ebe76-3bde-5eb3-b2bd-26e77ca4b964", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b250e6a7-0a7c-54e5-bbe5-ce6f18df3beb", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bc7f0d36-647b-590b-ba0a-deafc9369e3a", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:05c5ccdb-d70b-5216-ba0e-724de22b7bb4", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:744d67d7-9bc3-5022-931d-ccd5799dcd11", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:109bd183-f86e-5627-884d-8b5d1ce58239", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e8983205-e6e6-5166-b8f6-af94c846357e", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7e4faf48-9fdf-50a1-9841-22cceaabdd32", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7ba82e1b-0ca6-513a-a214-6ffb20df1f82", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1f3f10d0-91ab-50f5-9ab3-f357de8a0921", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:34338949-cd05-5fc9-b0e1-a4b8c0e32fdb", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e7cea67b-ac7f-5be2-ab33-ec85ce66dd20", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0307e526-8172-5fdc-9140-aef3fd24821c", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1d2468ff-0048-5eda-a1ff-4716aae59fa9", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:616d76f4-8555-56ed-b3ee-70611b78f700", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1c686247-d498-586e-a17d-e1c5f6154653", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d9da17e0-1224-5bd6-ab86-25593a659757", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8de5d764-c604-56e8-8c29-eda0c06db055", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0d7751f3-71a1-5861-b013-2a52ef860951", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f3736163-e126-5cb8-81f7-be1d359c7f86", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b6932675-62ad-59cc-b55d-66def75b9f2e", "id": "CVE-2026-41284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41284 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:62a65308-9856-571c-a001-0fd5915d83fa", "id": "CVE-2026-41293", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41293 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:93fdbbec-fae5-5c98-9264-ecafd619e4d7", "id": "CVE-2026-42498", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42498 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b64754b9-387e-591e-a0b8-ee0134e40e03", "id": "CVE-2026-43512", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43512 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:625f8330-e4d1-50e6-b299-8c9eb38b93fb", "id": "CVE-2026-43513", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43513 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:df943253-aa67-57ca-8828-ddb6b4022654", "id": "CVE-2026-43514", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43514 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a71b53f9-4ee1-51a0-95cd-44194e975025", "id": "CVE-2026-43515", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43515 affects version 9.0.46-tuxcare.7 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.46-tuxcare.7" } ] }