{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c1d8e401-f5da-5111-9d98-93c23276c6f6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-juli", "version": "9.0.87-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:84982287-7a75-5605-b2a3-1e612bade4ef", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:962a2697-3f50-5100-b558-dc6a9932d68e", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:47aaf050-5541-5995-bf1a-a7f98d743c6b", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9ae2060c-4c6e-5ec7-8735-f274cff4b856", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0cc4ddd8-8bba-5070-97f6-6181d650c61d", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:870be047-5033-5fd6-9b6c-49544ba271cc", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9e49f117-f612-5aec-9a72-1e0dd83cd334", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0d50c6e3-5c04-5e24-8f84-46c6be26e186", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b1e62cad-fe6e-5736-98ec-bcc72e8b2a58", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9699c8ae-6cbd-5c9b-a422-1a7f93a87bfe", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:35abbc28-2a4a-54dc-b52b-8a19368f3763", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a2d04ac4-c4f1-5991-8d49-c48015027bcf", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:13a3cd95-3e29-5829-92a8-a89a43b14144", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a5c456f2-e97b-5fb9-86e8-cf2b21ac8f67", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1a578646-9a49-5a9c-8cdd-88ab2708ce3b", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8a3cbbec-1316-5932-9069-d405325b1f93", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fecf0dc6-b7c3-553c-bce7-7f0835d11b9d", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:13a783b1-bf8b-5103-8a11-c91e6d73050c", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:703b0312-bdb6-585f-b04e-fb3fb52e57d5", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ba8cc3b3-7cce-52de-95e1-3ea90334d994", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d5ef1554-fc3b-5da2-b6f7-bd1c5883d27e", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3089cf48-43e5-5ba0-9c4c-f4d530929793", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:19fbe02e-1df5-5dde-a3f9-d331ff7f8792", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:41b0788f-3568-5191-8eff-5e11382beda5", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7c74a15a-6a79-5846-9ba4-8961581254bc", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:905246ae-7876-5e55-bf02-b79e7551b5ae", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ecf92f54-2cf1-595d-99b6-04f67efe6baa", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8d204e76-5381-5154-a8ff-78fa93f46f97", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:50e59cae-d1a5-56ad-b32e-a779b89589e0", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0d7d89ad-358b-53da-a31e-abfebaa43503", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:42b68d57-0315-59a0-a79d-276fddc147f3", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:46d72631-f82a-5dc9-af38-1964063ed6bd", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:00feb3b8-4318-5577-b165-47e38df0ef39", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c07b6667-a1bc-50ee-bdc6-5d2b04b35a1b", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5656d6ea-f7a3-5cb1-b48d-d7a9a38705ff", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:523899bc-5db2-5f69-9f1d-a65f4e318ebf", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1a5db026-2cf4-5038-9e59-ca1ff00fcc62", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6de8bdbf-2741-51bc-b46f-c8d0eddf8ae3", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a92b32c3-f686-5674-98dc-0ec517541adb", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b892e578-75cb-5b66-93aa-7fd7aef438d9", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ec99f237-3826-527d-a048-bc4f91edba8c", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c0802bd0-e613-57ec-9e03-5074c7e2be00", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.87-tuxcare.6" } ] }