{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ba3fa4b2-861d-512d-9799-d14bf81cc790", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-annotations-api", "version": "9.0.83-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:994e2c4b-690b-5392-9623-c997af89739c", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:91c4bd87-2860-59d8-9727-58cdc954da93", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9e374d60-e15e-5c2a-bccb-6d981fde028a", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:620b658a-06a4-5027-a00f-4a59db8758bb", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:defa3d0e-9188-534b-ae63-37ba7c19629b", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:76f7de0e-ef3b-507c-9797-453c16b371c0", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a994cd65-10ce-5828-bab3-2a1d9c869614", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e193f728-1cef-597e-9452-3be845d49c71", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e70861db-7c7f-54ae-a5bc-b0ac927a03b8", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3df5635c-4373-5e70-8bc7-3bceec85eef3", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c1d09507-4c89-578e-9778-56f4bf07b5ab", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:190ab3c6-ef8b-5365-aac1-bb9c731c42db", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:350ff19b-195e-53a5-8679-57449326c148", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d5e0b78d-4008-5db2-a703-a629f0b479b8", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d4c0ac27-babc-5ef6-b96d-9a38ff1ec9c6", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bf69a725-633d-545f-94e7-fe1374b05a46", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d8756cf5-1320-501e-93b1-440a74cf6365", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3214265c-4f1d-56e7-9d0e-4db41cc533ff", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f68a7d1b-bcf6-5d58-8de4-89e19ae431e2", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:60394fd0-9dd3-5404-b2be-f5cc55d3b279", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3a780c0-4019-5ae7-a53f-f166229e4daa", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:933a57aa-0437-5d78-bcb5-50615fc1a46b", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b52fe4c4-8a36-5184-bbdb-ae875cd1600e", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a64fbbfd-3d49-589c-9785-c3108acf1c0f", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba48fc06-6947-5fe0-b47a-f2098f5cb6c4", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a6712217-f34a-553b-8427-29bb93caa7d9", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38d3b862-425e-5b10-a999-5be00e6700f4", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.83-tuxcare.3 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.83-tuxcare.3" } ] }