{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:84cecf68-17f8-5e3a-b450-0a42b195d70c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-annotations-api", "version": "9.0.50-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8c5304db-ba5a-55d7-b698-52dba9dcae72", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3d5a394-8c38-5380-b1e3-36730098f82a", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f41fa533-c5d9-59d1-95da-cb687c326790", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c281f53-cf74-5da3-b3ec-228a48ff1766", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0453302-e2f8-5262-87b4-aa207e2bff3c", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:377ec0b6-b646-59dc-9559-a912a112a43c", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca47447f-da77-5599-ab66-fef839b3d3cd", "id": "CVE-2021-43980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43980 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26643bdf-3955-5cab-932c-1dd12eab5ffa", "id": "CVE-2022-23181", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23181 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f78dffbf-6264-5b08-a4b8-0c4b43f9378a", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95c9dcfb-2976-5d64-b408-d1e8d3c64e11", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46b95fab-b56f-53e9-837a-ce6115263a19", "id": "CVE-2022-42252", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-42252 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73c242a0-4360-5325-96f6-94a5111cd945", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bad8ead1-386c-56e3-b59c-b2e5b5c40958", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5b60936-d896-57ed-9ea6-e71c96b0eb75", "id": "CVE-2023-28708", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-28708 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:398b5412-1065-5cf7-a2a1-cc6d221bbacc", "id": "CVE-2023-41080", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41080 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:232560aa-2593-5cfb-8937-9c93fbdaf0ff", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6da5a6d4-db4b-5ce7-9388-5980a7ce6d62", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02ba5245-f4f0-5ce1-b9ce-167b5a125443", "id": "CVE-2023-45648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-45648 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59395016-fb26-59ad-ae8c-442e5fc66e0c", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c94d4196-01a8-5c0d-aa53-7e8a3a64c1b7", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64690b5b-36c5-5488-8568-cce77c032456", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:630127fb-48fb-5492-8445-28c31675bd4c", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5097edc1-5baf-5aff-9105-d7ec7f0eee35", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27162412-bb4d-5368-912d-fd2d7e2c082b", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:687412e7-6c5b-53a8-b179-74eea4a84587", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3a94ae5-f10c-55e1-ae0c-2340a2e6cdb2", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d9ee869-a736-5996-ac5f-fddfe50b50e6", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f06a221e-19bf-5a1e-8128-3793bb6423a4", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7618e48-af0b-540e-bbd4-e55e28e150f4", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99144d66-8a6f-5a5e-954b-40555c46d29d", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3443da4-bc16-543c-83b3-ec14896ace2a", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82bd32cb-bf2d-5b10-9d21-5f3485bb9f8c", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4b261f5-6958-565c-b418-c8f628e4e1f5", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04848b8f-818f-5663-b87e-6418c2fc41d0", "id": "CVE-2025-49124", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49124 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88462bb5-4b4d-51ef-82a9-f963632fb4f7", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf44dad5-d9c5-5a4a-958a-b494d0f99323", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7a61112-b3bf-5044-84e3-70fdf6ba4b26", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cc75eea-ad72-5e4c-8b3e-c8788dca9a89", "id": "CVE-2025-53506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-53506 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f20470d-e38c-5fc7-8768-52d8217b8dec", "id": "CVE-2025-55668", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55668 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7a40ac3-4cdd-5771-8da4-b469151953bc", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6577d8f4-e1a4-565f-a633-11875874dfdd", "id": "CVE-2025-55754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55754 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7b526c3-bff7-5501-95a1-e00bc6b6f4bb", "id": "CVE-2025-61795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-61795 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a254879-a9a0-5179-a116-9ad001098301", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34aee137-9242-59de-9e28-bd0885d63c0a", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9df252f7-3b01-5ffa-8fe0-ed0d64f9c532", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ed37666-fa76-5a92-996c-95caebb30008", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4bdc540-7272-566d-8bf0-5e74118d5402", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f3ad7fd-dc51-5490-957c-e32d64a593e9", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca818553-a47d-5613-ae39-1977884f812d", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5f1b8a2-2f13-56f5-b518-b23c3d149668", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.50-tuxcare.1" } ] }