{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:103f18b6-5042-5709-9f45-8f476bbed24b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-annotations-api", "version": "9.0.75-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d07c3496-c02d-593f-9399-51f1734447cf", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:99600115-3db8-54a5-bf40-d28134a0dd50", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:05545b4a-7f3f-576c-aeb3-7668f604cc87", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bfe280b6-d03c-5f73-8190-d24a058417ca", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe91f9a7-0c54-5a0e-bd65-17c7c01c6ba1", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f00a852a-8f8a-50ae-b794-0ef3d834668f", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ddde7767-f3ec-52c7-903d-5bc28b08cf53", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c12e5d78-4b3a-543e-a500-116b2b8755ab", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3c1cbe3f-25cc-5523-87f9-675ab881ff0a", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f5eb4f8e-6f90-5cbb-9e16-630b8f605cc3", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b1bfb6c-8cb0-525e-b341-789440f44750", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:73676df6-c174-5329-8d27-c02c367a0b07", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a8a8dea-a4b4-5325-ac45-9cd59f463551", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8cfe9018-d7c3-5584-9592-f3da76e2b750", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:87781837-aa24-5c8f-ae79-614e4b8d8ac0", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b52eb3c-9d55-5706-990f-fa771b619b6d", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:45248c68-a1e2-51a4-8ade-55b4b8082d23", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2101991-6531-53cc-9ee0-1f4a38ce55a7", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3bfa65f5-26b3-5200-a736-9cd4b46780a2", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a7f31ac-208b-5796-8633-d83e5d6d7ffb", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:69325c05-0116-5508-872f-91c099346244", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:68829eee-153a-5d19-912d-87a5741ad5d9", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f33f890e-4115-5220-b667-4bea4cbe375b", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:569a1769-906f-55be-8489-6876aa117d37", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80cc60d0-3bc7-517f-8532-41d3863fe57a", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f65da58f-12a8-5768-ab33-702ba393998e", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d4658a5-893d-50d7-80a9-2c1110897cbc", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4275488-9059-59ea-98b3-fb489388e240", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e66da6d-8668-56d2-9730-cbba4e6e3a2f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:01874535-c79b-55dd-b13e-8d8a6a549095", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d72f48a3-a88f-598d-b8e1-14f9bae2310d", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a60e9151-2fa3-50b6-8a03-e93d6dfa44a7", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9d5ef882-409c-5121-b947-e05c70bb2ab8", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:574fd8fe-45b7-5aea-9b02-a1dfd20a53fe", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:911df41e-c1bd-5df5-a7f2-5b9ed141414a", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:05d4eb93-e590-592e-b2bd-c0dde4de7279", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0e9e0438-c335-56a8-b2d9-7bcdd990c0f1", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa798727-3458-51a7-9d87-3a24e9008a32", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8cf70454-8b93-536a-92cd-b85c97b40376", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:69992917-b2da-5cd9-b3dd-893f861d840e", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e1371c90-8c78-5aa2-89b2-1962a655e321", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a6d9e203-8682-53bc-87e5-a32b2dcf9083", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:724b9c6e-56f8-52d5-8cbf-391151e23dad", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:604d6241-23c8-5373-a3b0-208debdcda1f", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7fe65ef5-ed0e-5f62-ac00-862df68a3ce3", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.75-tuxcare.3" } ] }