{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7d990288-67ba-5a00-871d-8770ced042f2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-api", "version": "9.0.50-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a28029de-1542-5d46-b190-8bf75368aeb0", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f6661f5c-0483-5d08-b647-3665a933a36c", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b7153e10-6a11-5666-a273-0b43776b1b61", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ce809d52-da75-5557-860e-4cdfe8f39a91", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9acd7ab8-80fa-50b4-89b0-e67fda99c6a0", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:98ba88ff-c3e0-546a-83d9-023d7f7c1520", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c74690cc-99da-5bbd-a764-2e436194d2c6", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f955d6a4-f915-58d6-9034-51382f768edc", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f141b869-3435-5954-8c21-3163a90d8d2b", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1c946113-389e-59a6-91c6-03e27bcc52af", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0a89467e-5325-5977-ab8c-43c4e8b6e070", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0d98afd7-6248-5959-8e5a-3fd56e9dbb25", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:579b25ec-e016-5333-a11f-7a8d68a07c62", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7cd5e386-aa14-59c8-85f9-b2d37723c2b8", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:98b5fce9-9cb3-5047-a6cd-ff9bcd20cb90", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:14b0f6d4-c0c0-5c4f-8fd8-c7c133d1b4a8", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:73c8b48a-5a40-5162-81ca-8e3bb16c6b47", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e925f3b0-06d1-5d45-86bb-93486070e060", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1101c3e2-b37b-5a50-8621-e3b58c05e7da", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a24511f9-caef-5ab5-a424-c298de2ba66d", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8296f28c-d161-5cc2-895f-010d402386e2", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5e5e6e74-6c47-5d64-b937-103559d7d825", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0b09af71-a47b-50ab-acbb-827ecbaf9c6d", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e65f199a-bd8d-54b1-9228-91acb7ab7447", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f994cf91-6559-5f9f-9d13-006497daefd9", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:468c6c6e-7f6e-5578-8d19-a625acccb7ef", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:16597ce6-f75b-5b6f-89a9-b742725e7aba", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:469fd39c-c137-5383-b612-1bce616c9c4a", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8d273b19-58dc-5c37-8c48-db58b741479d", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9e94f107-3310-5c06-bfe4-5b1b2da0e213", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:43cda692-a85d-5976-82ff-3a8224e6d454", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:774e61d0-f940-58e9-82fe-ef592a6dfbd3", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:34ae27c9-2c00-534c-a652-f9b5433bcf20", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fd609c47-3b52-538b-970b-222137ee054f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b8662cf5-6f7d-5950-b732-af9a882cc791", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d3dd98bc-1147-5177-a3ff-d0fd0b8ccf51", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bb1f93c6-46d0-55d4-926a-fe1563710465", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f0396a5f-e286-5738-945d-3f9da76be63c", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:35d849dc-fd33-57b4-a35b-059c8cafe34c", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3790c8ba-c031-581d-b5f6-a3aa8173568c", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a0bd6fc1-48c1-55db-9bc5-62b4356c668e", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:122fe819-9dac-5d12-8717-d7fda8ed3f83", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6c77ba27-4126-51d2-a015-b5afd0df7cee", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:20bf80a2-19d8-539e-ae49-928a74944ca2", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:667ad85d-29db-55a9-8f43-4c42c5143604", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:637fd9d9-c872-55aa-985f-2b1c574e9138", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:64a2ae81-a06c-51ef-8828-5ff7540774ca", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ae0c9404-e050-5805-a38e-c5eb9df86e29", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d1e245d8-2132-5f2f-a176-ceecab0d9f7f", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2b0f65da-d0e7-588e-adf0-99d5d58559d6", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.5" } ] }