{"schema_version":"1.6.0","id":"ROOT-APP-MAVEN-CVE-2026-29129","modified":"2026-06-17T15:33:12Z","published":"2026-06-17T15:33:12Z","upstream":["CVE-2026-29129"],"summary":"CVE-2026-29129 in io.root.org.apache.tomcat.embed:tomcat-embed-core - Patched by Root","details":"Root has patched CVE-2026-29129 in the io.root.org.apache.tomcat.embed:tomcat-embed-core package for Root:Maven. Multiple fixed versions available.","affected":[{"package":{"name":"io.root.org.apache.tomcat.embed:tomcat-embed-core","ecosystem":"Root:Maven"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"11.0.20-root.io.1"},{"fixed":"11.0.20-root.io.6"},{"fixed":"11.0.20-root.io.7"},{"fixed":"11.0.20-root.io.8"},{"fixed":"11.0.20-root.io.9"},{"fixed":"10.1.53-root.io.3"},{"fixed":"10.1.53-root.io.4"},{"fixed":"11.0.20-root.io.10"},{"fixed":"10.1.53-root.io.5"},{"fixed":"10.1.53-root.io.6"},{"fixed":"11.0.20-root.io.11"},{"fixed":"10.1.53-root.io.7"},{"fixed":"10.1.53-root.io.8"},{"fixed":"10.1.53-root.io.9"},{"fixed":"11.0.20-root.io.12"}]}],"database_specific":{"all_fixed_versions":["11.0.20-root.io.1","11.0.20-root.io.6","11.0.20-root.io.7","11.0.20-root.io.8","11.0.20-root.io.9","10.1.53-root.io.3","10.1.53-root.io.4","11.0.20-root.io.10","10.1.53-root.io.5","10.1.53-root.io.6","11.0.20-root.io.11","10.1.53-root.io.7","10.1.53-root.io.8","10.1.53-root.io.9","11.0.20-root.io.12"],"root_patch_version":"root.io.12","root_patched":true,"total_fixed_versions":15,"upstream_version":"11.0.20"}},{"package":{"name":"org.apache.tomcat.embed:tomcat-embed-core","ecosystem":"Root:Maven"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.1.53-aikido.9"},{"fixed":"11.0.20-aikido.12"}]}],"database_specific":{"all_fixed_versions":["10.1.53-aikido.9","11.0.20-aikido.12"],"root_patch_version":"","root_patched":true,"total_fixed_versions":2,"upstream_version":"11.0.20-aikido.12"}}],"database_specific":{"distro":"maven","distro_version":"","severity":"LOW","source":"Root"}}