{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3ba91cb1-4b67-54eb-bb66-e30f511b1a45", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-annotations-api", "version": "9.0.87-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:faa58294-12eb-5ea5-b3f6-7bc7db6af41c", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0c61bd6a-c2a4-5869-aaee-a2297b572bb6", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de9e9ff8-7fad-5428-9df9-8842d2888ad7", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:71e3689d-6474-5e7d-8749-685bc7af65c4", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:06a07400-721f-51a9-ab82-c919b896b9d8", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:16822217-6670-5e05-956f-b274512c0eb8", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:26d0ff09-4658-5df0-8586-4d11e15b7d61", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d55ff1cd-985b-5dd3-9e3f-4b87a4f65197", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:97c49858-b38c-51ce-9b8c-b0974529f9df", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:be1904d5-ae1e-5d70-9312-5c28a103b73e", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0f6f7f8e-7688-5a42-8949-596419f692a6", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c0fb754f-1a0b-5ca4-8546-8192ab80b99e", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:817125b9-b1e9-50ec-9e0a-18893cfca26d", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d246a439-cffa-56e8-b179-fe1fd634d9cf", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c1158e64-ade1-548f-be57-a06d79eba917", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:431fea3b-883a-587c-a048-b61d2de6c8c6", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:08fc1552-1c91-531b-8206-5bd627458dc0", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de301e52-3b4f-5ee8-bd19-49727329c269", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:258931bc-ab8d-58b2-b3b4-e784c0b4023f", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:74c99cc2-e75e-52ae-8750-95c81de62cf5", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:45d2f8bb-7282-52d9-959a-1668bc05d4f4", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9e838f5e-6ce0-52ce-a855-c42fff5b1e1c", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6c13fe9b-558a-5125-a7e6-4bd3443607d4", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8c3aa52e-1bae-5b81-a26d-d72a53d0dccd", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:842b0ba2-04d8-538c-b8b5-d306030ba154", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:18b17918-df31-53f4-b78f-e4d51eca5e51", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c830da4b-8fab-53d5-a443-d20b507752e8", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:09ced4a1-033e-5276-b95f-deb80c2d3e7c", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:151591b9-14d4-5ac6-b3e2-d7e9ea28cf28", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:949faf31-2b7e-57e5-8f8a-3fef22032f90", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:15b4bc7d-172e-5584-9659-d3a6d978ab07", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b84e5cc0-d0d4-5ca7-9ea1-f1d63c027fab", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5c2b1d29-0a77-5b92-8751-d2c1a448b01a", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5f632338-65d3-5f18-827e-c074a92be45a", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e3ee8499-b292-55e4-8b3f-d3fde856b5de", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ddc20e9e-0ade-58fa-834e-d2371586dbc6", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3402b62e-ffac-5ea1-8f17-3d3f9a7a7958", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e7c9ad9f-01c9-5144-9a75-4458f9d01e90", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a18bc92e-012f-5799-9336-96a8f7ff639f", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:661a745b-982d-50ce-bc26-12644ec6fb37", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0cbc271b-9cba-553e-83e9-3d5e19a78de3", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@9.0.87-tuxcare.5" } ] }