{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eea5e51f-b486-5f5d-943b-f7075ad8e454", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-annotations-api", "version": "9.0.83-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:43ca53ef-3fff-5c03-bbff-7f3a48e1061f", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:413c71ed-1743-5f8d-ae57-c0f79d28d37e", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5b05a20-36e3-5013-883d-e371beb529d1", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab5e0eeb-f0c4-572a-b65c-3afe429f66c1", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:481762f8-f2bd-5bde-a3a5-05c3d82287e4", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6db224a-8fb0-53a3-8e43-7144afbf15c7", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88f893b2-dcb7-5c17-b247-b64642eef13e", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b10e70da-2c08-5d91-9a4c-08a87a36a686", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5219c2ec-93f3-50f0-9e46-d7088fe5aa90", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:acddb96e-8d59-5819-8b7f-6705dbf65eb2", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a887e398-5b34-54c4-95cc-02c1c2d8a758", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16eead45-9e93-5734-93b9-502fb635bdd3", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a376eb24-693c-5bc5-bbe2-d19d9a42fa1f", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0f4586b-9c22-5a11-9586-b81ef8c017af", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10082902-aa51-5622-bd71-027c08ec5df3", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1b1a913-5101-5628-bd18-78847028d593", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8451f56e-6ac0-5193-b831-78e5c4e67637", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1bcb9e6d-fe64-5457-9ae9-65e00d388578", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76a11603-43b3-5492-b25d-3f44d077f2d1", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27983965-fc00-575b-9c80-f0fc6ca9c316", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0c2cadc-cb96-5fe5-9ff4-77146af34302", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c21252cb-79f5-5bfa-862c-5ddc0384cc78", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7cd17f6-c0cc-5f2a-bdd6-7a4378509c6a", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac8d8acc-e2d9-5b8b-b07d-34996fd671cb", "id": "CVE-2025-55754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55754 affects version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:112270c7-0e75-5927-871b-3b72cd05289c", "id": "CVE-2025-61795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-61795 affects version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a69f29e-99b3-5ec3-bdee-31ec676390ac", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec5d3937-8fda-54fe-83d3-ed61f8b65e02", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.83-tuxcare.1 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.1" } ] }