{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:45331c69-d09b-5291-bc9e-7824be5ce532", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-coyote", "version": "9.0.46-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7302507f-8d45-5e66-b83e-1a18c3344ae5", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:13ad96f5-a044-503a-93d9-07870c51f8a6", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1f13ae95-5535-5a30-af84-91cfc7f19898", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7485d15e-6a8e-5adb-899e-2e38647bf438", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df8dd413-0795-51f3-afa8-6c4a217c2a3f", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:59f602fd-9a34-5aa8-b006-33685d820025", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e693b072-0020-5133-824b-aa542046a84a", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ecea0ab1-c288-59c1-9837-15c9a7f4609d", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:85e94b70-e3fa-5427-8fc7-d6ad1c097c2b", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9347943f-f49c-53b2-a598-3f3de3f3a03a", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7652471b-e3f0-5671-954e-7964308a52c0", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0117bdae-05ab-52d6-8010-1427933301c8", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:11185c25-a022-5471-9378-dbe591733d25", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:095bccd9-33e1-5ac1-a02e-5dedf08b8188", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:695b68be-9585-5d23-968e-2b666f95e24f", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ef39c5be-f276-5d4e-8ea1-9766f8754c8f", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4252bdbe-9e1b-5dda-a91f-e33f56df2762", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:23b809f9-9eea-55a8-9edd-b8ffbdca7ca3", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0854a11f-c7b7-5e38-b36b-fd8b3e08c6a8", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3f7a3208-79d5-595d-9af1-d715081bb495", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dc82f971-bb6c-59c7-813f-06c22bc59ef6", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7d5150bc-deb4-53ec-bdf0-943e397ea727", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e3bf7d53-ccf1-5ede-ba37-31b904016fc3", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ac78199f-61dc-51d8-aaf5-99cc9180e887", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4626daa1-d8f1-516e-836d-8e8581aff107", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2869cafe-e1d0-58ec-abb6-39998ade5dcf", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cc37fa74-db0b-5517-a05f-8f5ae562fb9a", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9d5df4e1-18a6-51f7-9f51-075fd0568d67", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:69dadb3a-1a85-5dc9-be7c-065adb67b982", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bc7ce96f-ee4f-5028-a25c-dd4e6510defa", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b789f385-5ec8-5880-9926-b4f789625b39", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f54caff0-2702-5408-8f73-1df7aac2c188", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:579f0c9b-95b3-5375-87d0-513dbefbce16", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9c65e6e7-c8b0-5aa9-a5f7-bf7b6d146a7d", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1921cd32-0ef3-574c-85a2-7adf9412a381", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7b63cd03-b49f-50ee-ad16-5ddea75f4126", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cd5e8b17-5c8e-50e4-91eb-301669c84b75", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5e07c9a0-fdb4-59f3-aea5-69e7b70268a3", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4cb9e6a1-de45-5922-a524-2fe4f87152b8", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:24405a9d-ab93-5ba7-ad3d-2957f630d537", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bc66e5a1-8a36-5568-86be-c54d334e5550", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2a57d098-f032-5a00-8b78-f93d9dfae735", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9ee4fd38-547f-5494-a75f-d24d2e66bd63", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1bb4b1ee-45cf-5ebc-968c-4f76f6696ad5", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fdf70c50-b44a-5c54-ae42-f281266bd945", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8c633b18-4609-591f-a8d9-9e2057f3a1fe", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5bd4a44d-e942-5d13-a498-9c5ee45eebdc", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bfb3232e-9b1b-5a25-a6a4-e34a08d5b488", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:63ef9e65-3e5c-5504-9d41-e1332f3c2d4a", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ae9e5609-26cc-55da-ab3b-d6d25e66696f", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:832dec9b-4afa-5c40-bfd9-e07e0d5ba5d7", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.46-tuxcare.5" } ] }