{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f08a1096-5f0f-5783-9a86-4c7f4d52787b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-core", "version": "9.0.87-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dac7ef68-5fdf-50c8-98db-d16428f9aeb7", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bb042dc2-9188-57b9-abc3-45872e8f3354", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d47adb61-bb4f-5516-8f57-0ea0a1e4a127", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fdc421ea-c3be-5bb1-973e-0272392b406e", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:626dbca5-0bdd-5a55-9006-93e4f00b6a02", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6a3eaa37-2e54-57a6-8743-4ccf75c6035a", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:35a30c02-0a03-51e0-8873-a1a5fb070853", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a3a0197f-e1b3-5618-bc1e-b114db98b867", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:30fbffa1-5761-5d17-95f8-d514d8ce61b1", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1681d08e-6599-53ea-9737-c64c70e739bb", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:12eeea8e-ef40-5f21-a89a-5f9978060564", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5d7004d2-a10f-53db-b75c-1f833a210c87", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:645c424b-ed49-5da1-8bd7-ddb0b8a945d7", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5a6746cd-cf0c-5d5f-b457-b3b1a330da55", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2e2acea8-a263-5f47-a998-4f4c628e1c5d", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7e7d6ebe-62f7-5694-90dd-094cdaebb777", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:20b44890-9566-52dd-ba37-6f8a61514cf3", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0f943ddf-9261-57cf-9709-45575637afbd", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:be14414b-bf28-536e-9b95-d22f037a62aa", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:06bfc90f-8b38-5df6-825b-251c2765ff16", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:85b33d42-180a-5e30-bd81-abed2a5ba431", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:61ffb50a-f783-5b75-9df8-ee3d6300459f", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:427fa71e-1255-56db-ad22-aa6aa2de4a4c", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9a3919dd-30ec-51d1-af3e-2faa7b4ae216", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d9937727-0524-54ea-8aeb-c1ecbd9fc869", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:79f0f477-7720-5d65-ba4a-200f44ae3cd6", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:57ac4cbd-1f0a-51dc-ac68-9c7cfd8c65be", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f9c06515-2333-5971-90d5-744cf9423503", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e95246c9-43f1-509d-897a-975998647fd3", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9bca8f92-1f28-50d2-9516-c71f8c958c83", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fe041985-aada-5e1d-9762-11867361d705", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ba22a13f-7dc7-5a98-896d-6b4d59998cd5", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bfe205b8-0f2a-51cc-98c2-95f9e8a9fd90", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c7ff770c-7ac0-5f8f-b11b-ffb63b08bc7a", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b138c106-f4ae-5164-a07a-665f77fbdc0b", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f247dc1f-36d0-5b67-963b-0891fcae7093", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cc13fbe1-4bb5-526e-8c7c-ccdb1f882fc0", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:981309f3-6383-501b-958c-0c85e5855e3c", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2d16f38d-a350-5c5c-a0a7-f493dbe45c95", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4b356afa-8494-5a90-8a40-b9a28e875c47", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1341b6e1-34c8-5145-89fe-312768e032ab", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:55fab74d-a76e-5674-86c3-50ac540804a2", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.87-tuxcare.6" } ] }