{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:44d16ebe-cc26-57fb-ab0e-d9697c8f2a77", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-core", "version": "7.0.109-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2b36f8c4-0078-5cd8-ad30-c1a0659dc51f", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5bda8b10-0770-5f67-af29-b9ed5480f55f", "id": "CVE-2015-5174", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5174 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7cb2e79f-d3f6-5a36-bd4d-e00a884291b0", "id": "CVE-2015-5346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5346 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ec6b330-e363-52ed-9e8b-f16dec3392f8", "id": "CVE-2016-0706", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0706 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65b37b0f-7bf8-5549-8bf1-56a08ebd548d", "id": "CVE-2016-0762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0762 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de97a2ba-d7cd-57a2-b38e-3ab42fa4d80f", "id": "CVE-2016-0763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0763 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:780fd2fa-3194-5854-9b91-69880b805584", "id": "CVE-2016-5018", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5018 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:edc462c7-70e6-5282-a349-4780f54e791c", "id": "CVE-2016-6794", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6794 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3530172-c84c-59ca-8aeb-0d63c28bd629", "id": "CVE-2016-6796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6796 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4ca69d2-d060-5936-8160-432bd0532a8b", "id": "CVE-2016-6797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6797 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd10c0cc-1e7a-5ec9-acc3-abd5ac75da73", "id": "CVE-2016-6816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6816 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:568f492d-d2a5-53d8-b267-fc8a9b05178d", "id": "CVE-2016-6817", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6817 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d6a3d2c-9834-51a2-ae9f-93c284c0db93", "id": "CVE-2016-8745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8745 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb1be096-ded3-56c2-a82a-d1e825735ab0", "id": "CVE-2016-8747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8747 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b8389cc-3791-5389-845b-bf140d0ca65f", "id": "CVE-2017-12617", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12617 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbf7e543-9790-50b3-b3ae-45cae1f85d9b", "id": "CVE-2017-5647", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5647 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7208dac0-304a-5e48-8aa2-f8d9570f66c7", "id": "CVE-2017-5648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5648 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9d04b29-a2ae-5998-bc90-967ace604883", "id": "CVE-2017-5650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5650 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:270e1419-9f9e-5d1b-b4cd-213b590dc308", "id": "CVE-2017-5651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5651 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c0a8d25-4337-5a4f-9e16-1663672574a1", "id": "CVE-2017-5664", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5664 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:536100fc-078d-5be8-8b4b-2d598a37d630", "id": "CVE-2017-7674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7674 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28643ff4-a693-5d8e-aca5-12ee122c8fb4", "id": "CVE-2017-7675", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7675 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6affe9b5-f8a5-543d-9bcb-f0789c1873d3", "id": "CVE-2018-1304", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1304 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aaa1936d-1a03-5b3d-8c22-03d43ab620be", "id": "CVE-2018-1305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1305 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41dbbce8-77f0-55ad-b8c6-07c93d1f0aa9", "id": "CVE-2018-1336", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1336 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc24a985-023c-5bc6-873a-39aae8963d0c", "id": "CVE-2018-8014", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8014 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dcdd4eb4-0bb6-54b9-af1b-b728d7237949", "id": "CVE-2018-8034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8034 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3efb2ad1-ed0b-5331-9fae-609b9c4c9ac3", "id": "CVE-2019-12418", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-12418 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:180574ac-f60d-5a15-ad35-8e33caa32a0e", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5281f4d-db8f-5752-93d3-cf795ce4b3b4", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e915ffb-b296-55dc-84f9-278efa903a6d", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc83770c-9ec6-5868-b031-bb3f95a69098", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3f2c753-02a7-5057-aa6d-097c3c49792c", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ca93c26-ecc1-5e0a-bfd2-68883cfbc7aa", "id": "CVE-2021-30639", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-30639 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c40ea3ed-021b-5b7e-b81a-7d46fb034bfd", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e3d61bd-7add-501b-a58f-20b1a7ac64f1", "id": "CVE-2022-23181", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23181 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69e5bf40-cf90-58e9-a5ff-7daae159955a", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c92f073d-0d5f-59ed-8b5f-e3324216967a", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08442619-1c48-5d5b-aa9c-b70b6479b403", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3096ed13-4684-5453-98e5-0d384eb69473", "id": "CVE-2024-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38286 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d67cc3ce-fa96-58ba-81c8-354432a71626", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c24cebc9-c199-5837-bfa9-6e0e620ecd7c", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5355b54-f51d-5152-ac23-09735f419829", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2f69255-08d1-5b61-8ab5-6bb46e0c4224", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b45dc38-89c6-53a0-b19d-663b8625ba93", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06a1d97b-51b5-507d-be31-cd1d9a563b80", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a942eb0-5eb5-52fd-9edd-be1dddf67abf", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e866d24-b6c8-5552-8f9e-053f70c292c8", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecdc56ee-063b-59c2-a2e3-a31c212010be", "id": "CVE-2026-29145", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-29145 does not affect version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core. The official CVE record (https://www.cve.org/CVERecord?id=CVE-2026-29145) limits the affected versions to Apache Tomcat 9.0.13\u20139.0.115, 10.1.0-M7\u201310.1.52, and 11.0.0-M1\u201311.0.18. Version 7.0.109 is not within any of these ranges" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e3f0a55-2db0-5dbc-8203-1f3621b02474", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1d6f5f9-4680-5607-8878-008a8d8c6368", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.109-tuxcare.1" } ] }