{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8ea2bb6d-d02f-567e-81b5-6c9b17ac909b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-api", "version": "9.0.75-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2c35870a-e11d-5ca3-b03c-271090f0c1d0", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0e0407e-80b5-5ee7-ab72-015cf48c0c02", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6e5851f4-b877-503e-83d9-7ca8a8d89786", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d8b2d23-aaf4-5627-b3ea-7a195483c367", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1390c7e6-cce5-505a-9cdb-09d705c64c13", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0111adc5-6184-50b7-9c98-e103ddc9a7aa", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:00120395-73ee-5a2b-b5db-3ea643dedb0c", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b700984b-1f59-5112-9781-7494f46a8918", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad252708-e3fd-5b6e-bc48-054593e1cd42", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4fd878d7-eb68-5b14-a2a1-f484aa4eff9f", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7de70f81-beae-5368-bff4-ea18be51a725", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8566a5e1-87ee-5491-b9c7-26fb1d1ba744", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ca0df7cf-711b-5153-b8c7-299a9a9c2e77", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:250f1582-cb0a-505c-854e-37392b8ff9ce", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4f875d65-49ad-5d1f-b2b3-abc87eb9f904", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:992352ca-66a8-54c3-8083-0b35ead14a29", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09aa6236-6b17-5092-b2ef-6b191241a287", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ed9745e-1024-5b0b-8e79-2015ce225808", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8c835f8-4371-5664-ad20-bc241094a393", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:564f62dc-07d8-5a59-8e25-5cc3ef955c21", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6db323f6-6263-57ea-8796-1d648e00ba9a", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:825b8b1c-05c0-5e7b-8495-7b35e9f4f388", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:39a510a6-6e67-5c30-a071-d5a2374916dc", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b0326a1-a736-53cd-8288-205d506dcd4c", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31397a37-4aa5-56f8-8900-be2b8279c047", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3de7bdc-e3d0-54fa-b181-3f9d65b41334", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0373611e-af02-56e9-9dff-667b7a2a662e", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4610620c-874e-5d61-b616-323a1a4e23f5", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b778c1e-b584-5732-adac-aa80f38ba3e5", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a09699bb-6385-593d-b0c4-bc01f76f888b", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:86289736-056c-5939-91f7-1b8f68df63f8", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c858fcf9-5921-5f11-83f7-71d5dd74a17d", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:309ecac0-7826-5ed9-b6c3-eb7e1392c787", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fda8cdca-3457-5324-8d59-59af406c7c43", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:618db1f7-314c-51c7-9fd5-f7e533e264e0", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dce744b5-08d0-5bdb-94f9-45c5fdd8b598", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:22a66e71-6ecb-51aa-a52e-dc77b6b0c115", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c57e76e5-f056-541b-a516-09532a78b1cb", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b1582f7e-f977-5fd8-b201-f363a9ca966a", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17c999bf-5918-5eae-96a4-b5ee17e3ee5d", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0341b05-f7a4-538a-a7a0-ea07f08d16a1", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e7bdbcda-9b1d-51b4-a48b-7a8ff4c689a6", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b085f03-37eb-5f76-a6e4-9d6293a2f090", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:65354a63-15a4-58b8-b866-36f8aa607bd2", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1e63673-d3c2-5e7a-9cad-2f7ffe7aefc9", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.3" } ] }