{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f579d00c-9e80-523a-bb7e-d932785e6694", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-api", "version": "9.0.75-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1640bc8a-64df-56f2-ba4f-d0dc18799da4", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a37238f-a624-53f3-b1c1-f5e2e00dc360", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e2c039f4-1655-5c38-8709-b0694aae179f", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:343877e7-d662-50bc-9f07-886fe9d639e5", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8f72bd6-62ca-52f2-9b14-cc0057ad58aa", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:960ea721-68d2-59da-9a00-5c3edd8615f1", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:758eb6c6-f7ef-52e0-9162-53f4f87cfaed", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5dfa5817-e6d2-5101-832a-7324a917da4d", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e93a765f-e9b7-5b7b-8217-0b145a231df1", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64b885d1-0ea6-59a5-a749-fc06bb8cf3d9", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38ff2c24-d85e-5c32-bdac-eaa950898d22", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d083f777-7ad6-52ed-8315-ca5d1973a76f", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d38fabea-e4d3-526e-ba68-1b9ee318a9aa", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d74d7a8e-1eb1-5c0a-a44e-1b7bcee3fb73", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3eb48e25-f9d8-5cf2-afe1-0e42a44b918e", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e677c32-b057-5f67-8547-c76d950e9634", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:12fe3cbd-42d3-5e51-a2c4-578d7276ce77", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e01ba279-d793-51ff-9399-bf96e1a6d30c", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6a5ac6b-3c0e-57f1-9bde-a35e55bd2bb3", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:99b5629f-05f9-5ef6-b517-8a3b79e61ace", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9223d886-300b-5239-9606-2baab0992ff2", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8de23f32-0e19-5f37-8785-c20e9f946db6", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:601be9d7-d19c-5036-a5da-7a537fededd4", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36106306-23d4-58ae-9436-c8038d514bf3", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:538d2c65-7857-5351-a2e5-7cb9ce4db5f8", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de937174-9928-5d5c-ad4c-0079f1e652f9", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5661fe86-ca54-5268-a82d-82304e514c8d", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a0704b7-e667-515b-923a-9b7a7fbd438c", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:739551de-e785-5d8f-b67b-7525a116d83a", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e9f379d-26a5-55e1-aef8-b07e283889eb", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:618ad4d9-9446-5e5d-bd53-8c7476ebdff1", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b040064-5ab3-5035-9291-ad62a1369235", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c68fd8e-6b29-5f83-980b-00ae0aacb7d8", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36192e01-fb48-5d62-9f9f-3f15cca01239", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33662e38-9197-596e-b988-3b95a3eabbe9", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41d269c3-fcf3-5828-94e6-d7919af01525", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de16ebc2-1edd-5ffb-b17d-20d1a9edafad", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6dd38941-4b3e-58d0-a656-c7168f9bf8b5", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e4525f7-aad4-5062-96ed-fe2af165e017", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:345ead19-a5fd-5468-8b97-92bb0afb85e0", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79dd6627-d2c1-5a54-becf-f3a893870389", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55d32711-7a2e-55e9-b11a-f571c796502d", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f7493a3-55c0-5991-a997-abffe14b7a27", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f78262b-0a5b-5d86-b486-279181fe42a6", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98c6bbf6-6863-5e6e-bac5-7f6dd2d8bbc8", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.2" } ] }