{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9820bd88-269b-5c96-a292-3996c0c61cb5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat", "version": "9.0.100-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bc06cd3d-1dd7-5ae0-aec4-6dca850d2f99", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:73816528-17a4-585c-84ea-b3fb68f575c1", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fd8934fa-12be-58c1-bb31-af980a78894a", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ca0ba9b5-bf28-5fc6-9034-ea6b37aae6a7", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7c868368-ce30-57c3-9e11-58b34798a76a", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5e432a94-110c-5d8e-8d34-7b0428d5b969", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:baa016bb-1030-569c-a162-59fd7d08ebe1", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5cd25a96-43fe-5e3a-bb49-87b21902c84d", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4bdf70d2-5f89-5844-b075-31b03629b46b", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:37deb6fe-a1ac-57b7-bf2f-bcc2db82056d", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3c361b27-f179-5b7f-8ede-6d870c07ef59", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:51f853fc-c05a-5625-adda-5909e826678a", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0e8df4ff-0419-571d-b360-e6fbaf7044b1", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eced1064-a667-5ac9-bf19-67cf36fb3d0b", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4bb4f3ca-fbd1-5174-a5c1-1b4216e0e555", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:00255319-9280-5f91-80e2-b06b0e2d3272", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:50539e42-2fc3-5a3c-b07b-7768002f1167", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8d4a4ac8-6489-5b92-bf64-9af4e5b506dd", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:15e4af6c-176d-5e6e-8d4b-4aef31d170d9", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a92679f0-a393-5c16-96a5-c5b9b9f66387", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9dd71ec5-19d0-50a4-be78-98fe434e4822", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:98c4ebbf-7af2-5cf2-8472-af127f42130a", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c578d0dd-c5c7-5ad3-bc2b-39e9c0d425bd", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:58429c55-162c-5005-a264-1300062b0b3e", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5a702128-cc3f-5dca-9894-5fcdc81517f2", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a0d3a4c1-2406-5f80-b8d1-7b450dd9d4d1", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a5f0fa14-3473-58ee-81b6-470447c3ac8a", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8dae9f92-321e-51b2-9491-8c158d3344b4", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5e18766d-585f-590a-bbc7-12d012396209", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:378719f0-1529-5417-8a38-6f4094f5ad1b", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fc4c8bf5-a2b2-5b4b-b0bc-ade0557fd76f", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e4356e4e-c6a4-5b1b-ae39-6f4fc13aec01", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5e2612f9-1d9d-5485-9f26-332d9ddcca66", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c0e91251-df1d-5562-9e2c-521568c1f3ae", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4bfa63bd-6776-5e5c-bbbf-0b66e35f0587", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2529880b-87d5-5531-a080-1874f8e551a6", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d0a38cd7-02f4-53c9-8f5f-e423654d57a2", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.100-tuxcare.5" } ] }