{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:86962c67-a9ad-5317-a615-fa3ee533bad6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina", "version": "9.0.46-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:82abb8b7-d8d7-5c17-a641-97255f11ea31", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:94802e94-4ea6-5270-96dd-5a81121fd5c1", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a4d7d1b2-c1e1-58b3-ad63-d185578de1b0", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0067ae3c-38e4-5ec4-8f1a-723bcfdff296", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ec834f3f-e7f5-5004-abb4-8d01717adfab", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c4d676bc-b676-5f4c-b8c3-a6eb33d97e31", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9e96c69c-7ed4-56a8-943a-49350963c328", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7a6287e2-0b6b-589f-9869-28fde426b798", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb171a25-881d-57f1-8b01-16e99376886b", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f66bc2ff-1da0-5961-b0d4-6c124a833d82", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:66bdca08-e79b-5225-b8c5-49df6e5eac62", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5c897384-bd44-5bb4-833b-a97587545f56", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:511744bc-2dbd-5168-a58c-fe9cbbbf6523", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d9effbe1-c649-5756-a596-cd1fdf8db1b0", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0a26bdbf-9c4e-556d-9378-057bc7fb2d4d", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bb14a047-19ad-5f47-8608-7cdaa483704e", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:25616d1f-e1c5-5585-b7d5-15e6788b862a", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:82ea4fc3-65b6-5b78-968a-e07aa787795a", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2cb37056-d988-5f4b-bd53-b377384b72d9", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f74ebff9-f6c4-5c73-849d-05549d5a613b", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2e0f9281-a54b-5083-9dae-25a71a2786e7", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1960d997-5ea0-5b87-a925-ebf0f0904342", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:79dd43e4-37b8-500b-9b88-f0f4ba5dbe79", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8615f4b1-488b-5938-8df5-85e1f4e4e772", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:55cf335a-f45e-5dfd-bfaf-6faf3e1991a9", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6a39f8a7-305d-5362-b2c2-4bc1ad9a47d1", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:14bb8590-6d95-5501-931a-f9e88219b687", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fdef5863-6873-5a97-8698-fc72afe69e9b", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:18625803-ad6c-5ab6-9396-86fb64ec77fa", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b6de0298-34eb-5db0-90d4-b165bbd5a6bc", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f5344259-7e59-5b9f-8be3-80109099e7e7", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fa603e4c-135f-5b3b-908a-5017aee2acf5", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ef259d8b-51ea-5bc7-89eb-13f47c202cc8", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b57b49f7-0846-529d-a38e-eadb14e3a87d", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4f6bddfb-60e8-5efb-ba89-b392b7022dc3", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b0aa7193-6818-500e-98d2-a750f6611c3c", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:92a33834-1d38-5d70-87a2-1f3b6d9b245f", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:45df5d63-a7b9-5110-bab6-765f71d95dd1", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:08708d7b-dbec-511e-b309-63da04a6484a", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5c32a2fc-9b37-5168-aeae-88c3d48b6f82", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b104be42-f96c-556b-baf1-f83730c50753", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c655c8ab-f5c4-53ee-b559-e3209fc2bdb1", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:81faf059-f436-50ed-8e7a-bf27367fd0e3", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d8ee7aaf-f2e8-526a-915b-c8dd86b3e03d", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4ca914c6-cbd1-5611-b8cc-7e3398d74db8", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9d94f02d-7a3d-5e46-9726-d8bb4fa99e72", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0eb7f19e-8cdc-5e57-b4cf-d121839e4efb", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b26b3d57-80a5-5229-983b-cc89aea9549c", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0c12eacc-0b2e-5c44-8880-4a20f27efba7", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5c4c635e-c238-570a-99c6-587d305a9de6", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f3284d3e-b971-5a43-b437-094c6190ef96", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.46-tuxcare.5" } ] }