{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:90bbc25b-cf56-5a89-a052-09daa75ad490", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-api", "version": "9.0.87-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d48ddf1d-7c28-5f8f-8796-973b32e5715a", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e4b15e01-0213-516b-ae3e-e9b0d9fdbe84", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9ecfb86d-7baa-51f4-abe5-d5ece4cf2ede", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:528cfa9c-7ff6-5a9b-90df-d23f92786591", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5d440de9-a00f-58cd-a270-0b193a617285", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:256df2f8-8c2e-5977-841c-16ef81f7475d", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0f83abbf-ec17-5270-bea6-1ce9c49e19b7", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cd9aeede-a60e-5995-aeb9-508765e70e71", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:20c4c008-5b24-530a-84d2-14045a6fc26d", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b86fc24c-987e-55af-8f11-3ff30287143d", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:30cc565f-7636-5423-bdea-c53b3cf2ecdb", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:54e07051-6842-5806-96c8-94f58e3b940a", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bddaaae6-e4ff-5730-9c58-ea999e732e85", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f58ce529-ff45-5ade-8287-fa8a2dfc9734", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:21eb9ef8-3f18-5868-8a01-b34b6a4229f0", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d0dcb120-3c7f-57e0-8ecc-e45a8bab90a7", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4fdc9ae6-61c7-5976-917b-7feaca80b267", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:03bd04d6-2c18-57ff-9585-cdbc52357f38", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5e9d893e-9fb8-5793-a83c-44d7d4c2edc8", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e6499000-af9d-50da-8922-18c5e65758b7", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:79ff67fc-d941-5ef8-91ae-19b312ef9bcf", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:94f69f26-6197-5455-a393-6229a879bdd9", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:52363163-14ca-5dc2-b774-10191dd6bcf0", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7f31153c-605e-5d54-9fee-4cab55253f14", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e1a2ea45-6c3c-58bf-9c31-564c2e685209", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:27e0a8c5-f5cb-532e-9572-9741698fe015", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3958c9f6-7d18-52bd-8d0c-988bbe7284eb", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:eff80512-1aa5-5c27-8245-1dad90a5378f", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:298a6348-0627-5dd7-8394-f915734ea551", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:798edf53-3c1b-52cf-8a5b-ba8724fea7c3", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:283c1f3e-1520-543f-b8f1-3b48285af1f0", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5957e9c4-df13-5345-acd7-0c16f9cddcfe", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d77ae8c3-b942-53d9-b575-daf39d08b532", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:16f7e913-f20f-5050-a0a2-0476b258c649", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:41e4e693-4aae-55e5-ad37-39667619a062", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:83318237-6784-585d-a69e-5a393bb4a2b9", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:924f9ded-6778-5e48-8269-4db596668eef", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3e451986-699f-563f-91d3-82ebf6f0cbbf", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:275a457d-d972-5c34-b64d-70f20dd7fa14", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b12d4d48-e50e-5fb7-bc36-d6efa7ed597f", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:10d657ff-50ad-5ff4-a830-f034c9156f9b", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8e499a1f-e0f2-5465-af25-34d816a6206d", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.87-tuxcare.6" } ] }