{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fef5cf1a-1cdb-58b9-8992-4704ce4bbdd7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-annotations-api", "version": "7.0.109-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:81839b80-ee99-56d5-a931-f204e0f4adc8", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b61ec9a-f314-5251-96a6-c1d242a532ab", "id": "CVE-2015-5174", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5174 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53e88e2c-50c4-53c0-821f-150864de6d04", "id": "CVE-2015-5346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5346 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:efcf6bf9-f705-5872-a4be-42e3ff82132b", "id": "CVE-2016-0706", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0706 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f990b7f7-88ea-50fa-8923-828d2dfd9320", "id": "CVE-2016-0762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0762 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a53aa4ac-92ca-5540-be7e-e11f27fae23f", "id": "CVE-2016-0763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0763 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39be1eb1-7e7b-5aee-822c-e94e13d38d06", "id": "CVE-2016-5018", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5018 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df56836f-0054-5601-9f0f-234b2d9e21d8", "id": "CVE-2016-6794", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6794 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34cf5c1a-40fa-50af-b69a-529c35a7859f", "id": "CVE-2016-6796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6796 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad2b8988-ed4e-5136-bc9e-58f277b162ef", "id": "CVE-2016-6797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6797 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9302c95-14bd-5ed2-8ef1-21603574f566", "id": "CVE-2016-6816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6816 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d94872d-d774-551b-961a-3c0d5d9993d1", "id": "CVE-2016-6817", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6817 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa14b923-35f9-56b3-afdc-a1a56ed26f05", "id": "CVE-2016-8745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8745 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:600b1831-c5a4-5fd2-af0f-02914c7bca7a", "id": "CVE-2016-8747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8747 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab415467-e216-572c-a00e-0104533ff90e", "id": "CVE-2017-12617", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12617 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:162fc1b9-a26c-54d6-81a9-13ce8886e472", "id": "CVE-2017-5647", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5647 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73062770-8508-5c99-8d4a-60f797802ef2", "id": "CVE-2017-5648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5648 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:777784ab-b660-5808-9a5a-846bd4bf0140", "id": "CVE-2017-5650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5650 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3bc7dcc7-36da-5165-b0f5-20d8c85bdd0a", "id": "CVE-2017-5651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5651 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad27c6ed-23a3-5e83-819d-5444feab3735", "id": "CVE-2017-5664", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5664 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e50162e-6f8b-51cc-a58f-c34c849a363f", "id": "CVE-2017-7674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7674 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:440ecda6-2d3f-5b93-9d5f-23c0e37bd589", "id": "CVE-2017-7675", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7675 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fba75601-bed0-5723-97b4-6d58455f3468", "id": "CVE-2018-1304", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1304 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4a9bbff-cd02-539c-803d-6c716a597574", "id": "CVE-2018-1305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1305 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4aa3dfd0-2a29-53a1-9b7a-6bf6c2788478", "id": "CVE-2018-1336", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1336 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f66ded1-e544-5b3e-8db6-e46edcbd8949", "id": "CVE-2018-8014", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8014 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a7350e4-65a8-5a6a-b853-74756ed8bece", "id": "CVE-2018-8034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8034 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ffadc9ae-1902-5c2f-8802-103411255680", "id": "CVE-2019-12418", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-12418 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f15aafd-ff8a-5beb-bef7-7a5b8229149c", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c66fe0c-a09e-50f9-9170-7c912311ad74", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9cd157de-fcdc-547d-8c48-1bf5930464e6", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf43ee1d-aa9f-5a45-ab4e-be68579aab42", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:419d9ed8-6010-5b46-bd1d-01d2a53c9ede", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c162e9de-c1e1-5dd4-9ace-c4733591d97f", "id": "CVE-2021-30639", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-30639 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2df0028d-0c0a-561a-97b9-c1229d111ee0", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11789931-c557-5cbd-904d-ae0c5effdd30", "id": "CVE-2022-23181", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23181 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3a6a336-2355-5f7a-9219-9ab1c846b19e", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ee369f9-c1f1-5f91-9587-b814947bbb41", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32e1b4f4-a577-5c19-94e5-399b0e1e91dd", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3d7e84b-61e3-54f8-b88e-16d23516c45b", "id": "CVE-2024-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38286 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a1bdccd-2b7d-5397-b601-7ed3af63b0f6", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7271af7c-fe81-52c3-9c02-2bbadd3b95e4", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bcc890d2-df90-5a6d-9476-0699f211c662", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4fe64d6b-a65e-52c7-b853-77c74dbae29b", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:860dfb32-b834-5b85-8a75-c013801a925a", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f0baa7e-4d35-5f9d-b08e-b2aff37af45d", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5ffe740-d1ae-51f0-9b4d-226d6a1ec5cb", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1b7dc11-07fe-5d0b-987f-2b3e24e90fc6", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:734bff93-62bf-5f20-afd8-7a673066a12c", "id": "CVE-2026-29145", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-29145 does not affect version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api. The official CVE record (https://www.cve.org/CVERecord?id=CVE-2026-29145) limits the affected versions to Apache Tomcat 9.0.13\u20139.0.115, 10.1.0-M7\u201310.1.52, and 11.0.0-M1\u201311.0.18. Version 7.0.109 is not within any of these ranges" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d48a78ed-33ea-583a-90b8-c19be0f19a50", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:812f2f66-6afe-5d1f-93da-aad1c76aed1c", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@7.0.109-tuxcare.1" } ] }