{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5b17e0b6-8b48-588b-96a9-1754314dd73c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-servlet-api", "version": "9.0.46-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:eef59f22-af7a-5f5b-a323-5d2bf9df2f30", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3660dda5-1b98-54d7-b138-5a6a97520fb5", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e9a727e0-6d79-580d-b400-5915356248ba", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:089fd41f-4cf7-5606-8208-bc4b0ce59ea8", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2b831ba6-c865-5b76-84c5-6b1cb4712114", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c52f68a8-07f4-5715-ba6a-a5f98677a399", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ee0c0fe5-d482-5ecd-af8f-41f893d0716f", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ebcc1c16-da6e-5e3f-b02b-c36fc41cca9d", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d96aa1e5-f095-5242-801e-b5930941a94e", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a917ced1-464e-5939-9106-40f376d765ec", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6354c221-b068-5d4a-b7dc-8f994ef5139f", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:145c99e1-23be-513c-a388-df887f0281fe", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6442c9fb-8f5a-565f-af27-24c97d92a8c9", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fba3bd8f-6a87-5e8a-b20e-eaca28afce79", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:441b7657-7c28-5796-ab73-0807c8888530", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:22aeaabe-0618-568b-80aa-025303d66ee2", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:506d6d9f-d4ea-521b-a202-db5ced68de9c", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7f17751c-361d-5c7c-bd6d-f951391daaf7", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3130dfc5-e8c8-5bb0-9a6a-538bd040145d", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c1bf7f5d-82da-5ec5-b3f9-7f02b4e1329b", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bd72583a-5f61-563e-87d4-6dc2cbf0d06f", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c2262105-5a5a-5526-a096-7b9f0dc610d2", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:eceb3905-0593-5779-9713-fb09c83326c9", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f64fe379-afcd-581d-b5b6-d97d7dc76f6c", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:863d17ee-d934-5533-9c77-4db4cfa558e7", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1a29d849-a74f-5954-b96a-e6a73f06f1e4", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5a09433d-8e38-5e80-80e4-c3eda6016017", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0b96e7d2-f522-50f4-868b-f21eb3c555d1", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:81733445-b7d1-5a6a-aab0-9f81219ff239", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f3d4ffbc-1127-554a-9bae-90fd8ffec7aa", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:436132be-20c4-59e3-897f-8a65f9d384b0", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b1035227-3115-5f6f-9c5f-4b9498c7228f", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9f97dd1e-51e6-5ad1-8c43-fdc8a9b0d289", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:40ab5f4e-3dfe-5c05-a122-0c643fc14a28", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3f5a3b0d-bb91-51dc-bf69-f5d26f99de11", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:455af758-28f4-59d3-b301-0dac8c8fd55b", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fe9a59b6-a854-5c48-b1d7-4951cfb5f3cf", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3d41c2b4-7284-546f-b7df-e4d27f986b0f", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5cc41788-0201-54d8-8260-276072a256ff", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0bd7cb04-47dc-5202-8c53-dbf1022de22f", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9b1b2539-f1fb-59a3-9f3e-2aeaaba4a8ba", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:92679389-6eb3-5f9e-bb05-0e46121c7194", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e84609ae-e5d7-5fda-98e0-c8eaac421f48", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:318589d8-13d9-58f6-be94-7159857e6714", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d39f7a3f-65b0-57b6-95fa-60e3dc403290", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ca9dddf0-fbfd-54b3-b3ba-f98abebb156b", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:193b3807-4b8d-5e70-b071-eac66a01aad2", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8388df88-56b5-5066-b0ab-a96d794d6593", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:65838ae8-02a5-5011-9ea5-031ace7e2246", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b89f70fc-9ee7-50dc-9f23-915488cb225c", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5cdcf902-2042-5150-b381-ae0234b2535a", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c69ad1f6-38fc-5d44-a9a7-6d9e66cfe8bf", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.46-tuxcare.6" } ] }