{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e19a2151-f1a9-5cc3-9eeb-08227113277a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-annotations-api", "version": "9.0.83-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ba68fb2b-e23e-5932-a96c-2cb0ca463127", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:262d1f0f-caa5-561d-8039-a9bd976c2a06", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd49eea5-545b-55d4-80eb-1465560b79b6", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8cd7909-6e0f-5e20-a878-35c594933529", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:546d5fb1-7c97-54e4-b387-c32f25ce5f1d", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b15afd4-b972-57c0-a434-5f4e2ab7d515", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8b6cde2-836a-56db-8a16-6708bc29f104", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f369b80b-028c-5471-8f99-fe69f4270520", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00f873cf-8e17-553e-956f-23f021e4a094", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0225370e-f317-592c-a3c8-1e711f2f21f7", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cab2091d-21d7-58ea-8aec-a53b11a6cbf8", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:180cc2bd-e25b-5564-8d4e-1aa311bed2f8", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3fe18b1-5a5e-5edd-ac72-fe085fb2e325", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d7c32ac-3eb8-543f-92bb-b755a95b5eba", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19be4b73-8f98-5b00-9d78-3558921d69f0", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d73cd6fe-4de2-56fd-82ec-8dac953e6bb2", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:603b0dcc-5cf6-5880-9cf4-f9db04418ca1", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1006c50b-d9c0-59c9-98d6-26619135fca8", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6df41b24-b12c-504d-be65-49500fb3fd48", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cfab1af-5cfb-510b-b496-963384459a35", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a44403f3-245c-580c-a4c0-15ebe3347de2", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a2d4e36-b018-5a08-8654-4ff2727cf5d6", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0acf90c5-c55b-5c3f-8c62-9f06160d5b6c", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a70c5180-3e6b-5797-9358-27edd81dbcf7", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b1ec4da-66f3-574b-a99c-cf5fc4f6dff3", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3783d513-057c-5d9d-971f-a5d8a7614970", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad62d6ab-ffcb-5666-8a15-ad8281d995e2", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.83-tuxcare.2 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.2" } ] }