{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:41856eee-ee6e-575e-88ac-88fe8a0fc8ac", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-juli", "version": "9.0.100-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:54de57e6-81ea-5f52-b73e-61aac4a3a0da", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8250d292-e6fc-547f-86b6-5dbe28806853", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d77e5faa-89ea-50da-881e-fee4fe2ea380", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6cce0a7a-d53b-5c87-8821-217daf076318", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7b3b27b7-cbe8-55d0-9391-a7933238993b", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:400d73aa-32d6-53b0-bc97-3735dd994b71", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a6e330ce-e9fe-5f1f-9e7e-c6339a0d2484", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fbd749cd-ee12-5ac0-9466-0be8b544ccfa", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:62e81576-6459-52fc-b9c5-9fa61a3ec8a8", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4e1c42b6-430a-579b-bcf2-9735930f9ab3", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:231c9d60-3dd5-5d33-8c20-c7c9a5e6c139", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7824012b-29bc-56e1-852b-a30ccc499ce5", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:85250e7b-0a3c-5e63-b6fd-d95e2c2df3f6", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:339c303e-4b2b-50ca-b2eb-6c4d62417ea9", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b1e80190-53c6-5acc-b08b-d5df8e5f93c5", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5bbba2d0-7663-5feb-9f89-132c84ca1580", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:146b29a6-7103-5109-811a-e30e743e9beb", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2c50ab98-13cf-5f27-8880-7c5ad27eb2ad", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de4b372d-5ced-5126-8720-8e7e220e493e", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:94b5123b-a32e-5f87-9d37-c60593df477e", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a0625343-ce4d-5de3-944d-71805990348c", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a583ab92-8aa3-5e74-96cc-72880923c942", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3732c476-c279-5616-b419-4277aac09038", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:89d7e770-52d5-50b1-9256-25a48b96245e", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:52a15f65-d020-5e55-921c-b7ceb7ed6a05", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5058be08-e125-5950-9d0c-351238d11add", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb41513e-fe51-55bf-a5ad-60a5e5454564", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:41350697-e52a-5925-a718-8907b540d1ed", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:861dfd00-dffd-5a62-8acb-a9c52afbdbd6", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5e1b0f86-dae9-5d89-a2a7-6d3b86f61513", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:91926e34-4bdf-5387-ab57-c4179de72f8d", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2d505120-67e1-5537-9b0c-868a38c5769a", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:296944ac-6610-5819-aff3-e379853b956f", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:71fb42eb-a807-57d0-89e2-e105dd135fa3", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3de0015f-49a2-561f-a67c-6b6b299a031a", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c9bc4f0e-301f-5a17-817d-a36ef066a6f6", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f8099347-3bed-54df-bdcd-42a29acb67d8", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.5" } ] }