{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:944de691-7a4e-5d92-901b-fce92220a5b2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-api", "version": "9.0.100-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1460c309-c50f-56a9-ac14-eb9ff438c529", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d7e0cca5-bc8e-5300-a7ce-f4d5ad480b05", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:141f4669-3c29-5aed-aaeb-c66d7d663f53", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b5a5d1e0-cb97-5faf-a273-3f97b1e3d657", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8a8684aa-ff5a-52c5-9f29-5177fc3b266c", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac18e7b1-91f0-54af-956b-9e08d9772cfb", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7c485c3b-6eb7-5fd6-9736-359320969393", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1fe1dc5e-410c-5fed-864c-91ac286c076c", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06b7df99-d457-52d9-b6ae-454fcda96f95", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f7087af-31f4-5bc4-9754-dac2c9166a11", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7993de96-855a-516e-b786-ee49c070534c", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7adbd653-2d9b-553f-bf3d-414ec3b01735", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c89ef51b-2fc6-5dca-b079-93f9c9ed316b", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6cd5139b-110b-512c-93f1-e4b76f5c5318", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d968c71-9095-56d3-999e-7bd22bd744f6", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:90448d53-21a0-5d16-9942-f8f02c82cb0b", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f7256d2b-25ae-59f7-bf42-1e7276b6c87f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:70afc1a7-3247-500f-b327-fab7c82cce16", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ee2965af-b9f9-585d-92d5-f9b1493fb817", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1eeb5054-19b9-58dd-9eb1-20377ee66c03", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e471bd89-6208-5d54-bbdc-5e413986526d", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4314cf16-5e8f-5b92-b9c6-da62de863717", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d349db62-303c-5570-b6e1-d7a5a1c62847", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3751f0af-30ab-56e2-aeea-91786dbb2d0f", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e06a0a0-1d6d-57c1-9379-e8773f503fb8", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a7e8c8ea-e136-58d3-ba17-cf743cb20543", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:211e643b-045b-5f77-838f-d2eed5915b64", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0b93377-c396-5092-93dc-12d3e126146f", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26f0837c-80d9-5869-b684-5cecabcb7090", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9fac7aa3-226a-52e8-9c7c-76a203847109", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:007db032-2864-5e03-9029-f71a13a975db", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:addd1279-4afe-56f2-8be6-5a302d350aa5", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e04cf6e8-fbd5-54d5-a94f-e13430eef5bb", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c92e0f8-3212-5744-b7b8-bb51765a3d8f", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:38b6e114-275d-54a8-bcb5-8ade3469bcea", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b5e7519b-3040-5778-900b-eb3f3b0dd61c", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.100-tuxcare.4" } ] }