{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1e9e7f4f-e015-5f98-9f4c-9b9ad11a73d6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-api", "version": "9.0.75-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5bc4486d-c4ec-5c78-b818-6a2d3b36d831", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f00d4333-5abc-543e-8297-cb81b2e5d363", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cb41c0b1-0379-5ed2-9285-04cdbb7f2d99", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:332c29ac-00f5-5116-9ae0-06c43d5c045d", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d0e84bd2-6ce8-5e39-830f-a98249c6d578", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e4bf11e0-419c-54ef-9e0a-dec8bd355467", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9ceddce4-247d-537c-a38b-3cff1ea4f50b", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d984e9d-cf83-53fc-bbcb-dee4f04d2dbc", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c6068b26-3829-5d72-bb6d-1182e43914da", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3025590c-5f26-5cd1-9127-5e102f55c225", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f1119a21-ec2a-5d9a-b6d8-14599503877f", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a325fa1b-d713-5697-a703-a9cc178c0a27", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:48b66de2-5ef4-5c67-bdee-e97692e5d19b", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b936d6e-b97a-5852-b4e0-c5ab3971cdb0", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0195a6b2-c6c4-55b3-932d-8aa4b4bcef4f", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:512c2c14-5f06-557e-8a35-28d9b50008d6", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b0329b8-7541-59d0-98b3-f23d7e5e0ec7", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eebd338a-6adf-50e0-be4d-616d91af9d9a", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fd57952b-9757-5500-a420-b8a1bb72a064", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d3d742c2-527f-594a-ba43-e36f0820c9dc", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cdc262ad-4850-56ca-a901-49ed9000aebf", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6edee4d2-64fb-5239-881b-09c9393ac3ef", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:79985ef7-462e-5e69-abf7-0838323bce93", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c0221e9c-749a-50b3-a16e-a6c83ac38646", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:649c6ee5-64c8-569a-80fc-a416eef5ff58", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:31465e3b-0bff-57dd-9729-67b25cd8282c", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a94d645-9093-5970-87f5-f385ff36e406", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f913e5ac-aff3-58a9-a15e-cc9604c92ca3", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32019661-3de6-5f9c-b3fd-442bac6ba984", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fbdebc7e-0707-5f98-88c9-1acc85c3a2ed", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ce89238b-7eb4-5681-88f8-6819d90803b8", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e6ce4d3-e75e-5417-b158-8379ab0b9bcd", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b5e93f1-3e32-5bc4-8d23-f27be7bb4cdc", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5cc33c4d-e749-52ba-abb6-f3635f56b513", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:10369ccb-3d4a-5256-a7d2-84bacaafbe19", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:807cb437-f256-5a96-8a2e-9d8c4f979443", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:64340709-cd19-51d9-ae6e-b0366d5fc8bc", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d46822a8-b14b-5e63-95f7-10196ebbe17e", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d2972178-5a65-5b33-ae0f-5e3b0b2435a2", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fcc88457-5362-55db-a1c9-b2029afc66d0", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c7262328-d07c-5254-8b97-ae3602e5195d", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:76f6f16a-2ec5-5e06-821b-53bdaead679c", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5291a853-63de-58a3-bcd7-01b7d025570a", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d9c9a635-763c-53ca-8681-8c7899e6b780", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:caeb25cf-330f-58ee-b36e-c4d46f005c17", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.75-tuxcare.4" } ] }