{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9997a97a-3991-583a-b9ff-124d0fbf4091", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina-ant", "version": "9.0.87-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c7bf6cc1-27b8-5dcc-b7aa-d16b539c1a03", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c37364d-9d11-5bba-9b17-df6cf67886a8", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6df9ee81-fcde-5a64-be79-ea0ff7d081c4", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1596c011-5a4a-51e3-a604-3f68b8ad1837", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf0294be-f0fc-5428-83e2-c0e3627b1596", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77eb8c02-2c0e-56d6-bccb-c5d76062685e", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b98bbcf8-eec1-590e-9cdf-ac8019c27dd4", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70d305e3-b3ff-502d-9881-7f91a9385dac", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a8462e7-d435-560e-8fc3-dd70b903b75f", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02aa81f2-c869-51f8-ad57-cd2c64f1f7d3", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fca30bbd-3b99-5de9-812c-3b7c4a88624b", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa8114c5-9410-5674-a98b-22d6e843a576", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fffddad2-5d69-583b-aa34-151301aff795", "id": "CVE-2024-50379", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-50379 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:395db392-467b-59e5-862d-62b533a5c882", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3bccc7e-13cd-52ba-8152-84f8400a79e6", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:998045ae-81a0-547d-9c7b-d08d42fadfae", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b624584-2225-58b9-bc88-10e64ca47b9b", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4589261d-e851-506f-ad87-87874cb9359f", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f459fecd-c032-5cac-86ff-cfec140d7a9e", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8280c1a7-c264-50d8-bbc1-953cfb9591ea", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63e4ef75-953e-5933-8c12-5235b0db8546", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b05fc04-f77b-5c74-8966-ad443b4079ac", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15c243db-8ac2-534b-985b-e56923252a6d", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee515906-207a-5d33-a367-4af3a610a682", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff547acb-db58-5ebe-a73a-bead9ca5e413", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1b04499-05de-52be-8ded-6848801e641e", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36845dad-0bf0-5c2f-bf73-9f335780f7a5", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce3ca1bf-ef12-50b5-a5c6-9a0cb05ccb57", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24cf28b5-4d6b-5d10-9fef-db5e272bc673", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d6a47f9-a3ab-582e-aed7-e2ddc3cd56a3", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c816b0c2-2d35-5dca-8306-f5f70a74482d", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be6b25ca-6afe-57fe-bcd3-ab55c71c869f", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a7cb3d6-7a81-53d1-ab7d-1c04d471c3ef", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4332dd1-0524-5bec-8781-e3be794e8560", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9c030f5-fec1-5a72-8025-58748c38f5c0", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e0b2c35-2a9b-526c-a4c6-a6ec0a6cd78d", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7fb2b97c-f51b-5f09-8f03-523198d9fb47", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8af45856-c6bb-5f2b-88bd-e800ca61594d", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef0155b8-6f2c-5735-a049-4cbd6326b15b", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d133eec4-be15-5476-8a69-e0952ca2f6de", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9335b0a1-7d98-5e02-96e5-672f03227181", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.87-tuxcare.1" } ] }