{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f9ebd6f7-d42a-5e43-aae8-3a11508cfdcf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-el", "version": "7.0.109-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ee50d772-efa4-55a5-a46d-e4e121f1ed48", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c932a2e-e31b-5da6-97eb-3f10134aac53", "id": "CVE-2015-5174", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5174 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7c1d9cf-19e5-5f37-87e6-ecaaa65d8220", "id": "CVE-2015-5346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5346 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e46f94e6-0511-5bbc-8a7f-2d74e2697584", "id": "CVE-2016-0706", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0706 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:615ec709-b620-5e1c-8c21-c9534dec5c2b", "id": "CVE-2016-0762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0762 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:744cfada-bfa7-55f0-af66-dd00063c9f8f", "id": "CVE-2016-0763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0763 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb6d488e-423a-5306-8aad-55da53ba6c0d", "id": "CVE-2016-5018", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5018 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6b13296-5431-59b7-b960-001d39e17e7e", "id": "CVE-2016-6794", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6794 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9eef78f2-8e7f-5d1c-84cc-17c3cf86d0a7", "id": "CVE-2016-6796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6796 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cab8f063-853a-5ca7-9ddf-10ff6b0690eb", "id": "CVE-2016-6797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6797 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ced5b6c-5995-55d3-9bfa-d41ca8521e71", "id": "CVE-2016-6816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6816 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4263175a-be22-53a0-8da9-13a5d1e09739", "id": "CVE-2016-6817", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6817 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f903c31b-8e64-5ca2-bd43-c5cecfa66f37", "id": "CVE-2016-8745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8745 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ed0fe4c-6c34-547c-a364-1da2c42fd862", "id": "CVE-2016-8747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8747 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aba6c70a-85de-5505-898f-d75743df7813", "id": "CVE-2017-12617", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12617 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:524321ff-0b1d-5433-bd6d-50405275a524", "id": "CVE-2017-5647", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5647 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c9ce57d-dc00-5bb8-aad2-9d59cb0ee4cb", "id": "CVE-2017-5648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5648 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc45329c-0b47-5c16-bc31-4896908f28fa", "id": "CVE-2017-5650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5650 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:163c22d5-be3f-54e4-8792-884af30e2872", "id": "CVE-2017-5651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5651 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c4897a3-c1ae-5efa-82e2-31436696b709", "id": "CVE-2017-5664", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5664 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61f7fe81-6995-5edc-92ee-a3246063067f", "id": "CVE-2017-7674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7674 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:968d2141-844a-57da-8c48-5e798997a14e", "id": "CVE-2017-7675", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7675 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60d89433-be2e-5a41-b51b-65bf10919d2d", "id": "CVE-2018-1304", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1304 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30134be7-6124-55f7-bc12-b0b3da26dccb", "id": "CVE-2018-1305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1305 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f489d626-8dd4-5bb8-85f7-a8efdde5dcf3", "id": "CVE-2018-1336", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1336 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d9c14a0-f3dc-5b3b-af34-4978fa601bb4", "id": "CVE-2018-8014", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8014 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b82d782-f431-54a3-9a5a-07b475267384", "id": "CVE-2018-8034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8034 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:577a96af-3461-50c6-8639-e356814890b2", "id": "CVE-2019-12418", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-12418 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecf698af-42ea-5b08-a8ad-698e945bd995", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:509658de-6d9a-5d22-8378-df8214ac79b5", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7e195f0-e19b-562c-bc29-c66310862ad4", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28a5aeda-7f1a-5046-81cf-9d297aac5b51", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72403c32-2ea7-5d0b-89e5-a34c32f5f559", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76f4c2d8-60bc-58d8-9ffc-4a2b57597ef9", "id": "CVE-2021-30639", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-30639 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26c3013a-6e98-55b5-963a-d1b9f0703a94", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf79e9c0-fad2-532c-a2f1-46317adc18dd", "id": "CVE-2022-23181", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23181 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d5e89a1-a557-5ac2-a50f-2efb793eb17f", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:137c8b5a-7d18-583c-ba4a-dea0a82ffc0f", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:474b885e-c615-53c7-b700-b2ff32886e0e", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2228c69b-7154-5407-a4c0-cab4f94f0cd6", "id": "CVE-2024-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38286 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba1adf70-7fe8-57c8-a78a-1fb0c29d1ea7", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:105b45a6-5642-55dd-976c-b0109bbea05f", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbc5353b-6e7b-5ee0-89a7-8cea3ea8b9f6", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b8043456-653a-572d-9922-0e4b6b0e8ea3", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:532c18ae-3a44-50eb-9030-ff462e7f3162", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fffed9c3-0e91-5ec3-8afb-540297fdab11", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01e6e64a-031e-55e3-bffe-1be15531ea88", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8ff5a3b-91e6-5269-a9aa-aa09d6d8a135", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9eca7a40-e896-5f68-9c4c-f1bcbfc41a38", "id": "CVE-2026-29145", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-29145 does not affect version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el. The official CVE record (https://www.cve.org/CVERecord?id=CVE-2026-29145) limits the affected versions to Apache Tomcat 9.0.13\u20139.0.115, 10.1.0-M7\u201310.1.52, and 11.0.0-M1\u201311.0.18. Version 7.0.109 is not within any of these ranges" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc6236b0-2df9-5e40-8b9b-4e97b987c274", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c682b65-bec9-584c-ae24-90ebe5714399", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 7.0.109-tuxcare.1 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@7.0.109-tuxcare.1" } ] }