{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:19cee35a-3d60-5f5e-a6b0-7fccb713e0b5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina-ant", "version": "9.0.90-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f52dfa38-8b8f-5ba8-9b5a-e07f713d2d42", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:935e1078-ee9f-5d41-9e56-4e2a41e04122", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4f4fd0ce-2df4-5934-8ea3-19d637a4c0b2", "id": "CVE-2020-13943", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e0668615-ff59-5e3f-8096-d70aed99168b", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f9b3dbe4-377c-52ec-83a1-93fd8f428396", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:397d22cf-14d2-5829-abd8-d3f1f8ed086f", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:dc070c91-d032-5183-916b-de1d66054c81", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8c9da156-12e2-515a-a146-0b4ee35a6cf0", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:65c8de87-8072-582f-a417-0418b80afe51", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c661fd49-9ec3-539f-9bc8-88c2aa54bbea", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0b39ae2e-b312-53c7-b5f2-b31bb23faf2c", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:77d42260-dd06-5720-8a11-5836435f243f", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2d03a82a-5193-592f-b9f4-bdf4304af766", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f7b050c6-c986-5329-9e41-ce5af3d908fb", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d77888f0-e582-5aa4-abf8-66b982039b65", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f93f4dd9-b5e5-5488-b317-1fddb8f277ad", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:22a7bf7e-d2dd-5efb-add4-160b2dc9972d", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d636bde1-70cd-58be-8022-530b13eb6087", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1c1f9d1c-f4e1-5427-b1fd-e51bafa3b7a8", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3b98f034-f609-5c8c-a10c-d83355adf8f2", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:699b4dc2-4d72-55e5-bb89-e5d0f3f4e65f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e16187f2-8cd6-5490-9093-eba5e3ab9e79", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9e086230-4365-5992-9f21-97c6e8f55f1c", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4f50ed16-78ea-547f-97b0-753292e9a3d6", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e9cb7498-d9e1-5b13-9493-01515b9e4686", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cfee9178-e972-54c1-ad74-6becb504083b", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c0423e44-572a-50ae-9726-82d9d630a3cc", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0ac055ac-5727-55c7-bab1-fa1c8889889f", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b6c3e095-859f-559f-889a-9479cc3f0ec2", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fbb4f85c-49fe-5d67-bb73-f79c3e2be145", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f290955b-6cfe-530e-9740-a4393bd74e67", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:dd27117a-68be-5e07-885c-a13cc3b305c3", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:718bae73-d263-527f-bc4f-c8b8dec64157", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d06206c4-7b0e-51a1-b8ad-1ee8d8ed0856", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:df23f67b-1bf2-5f78-9b30-e4296ea4934b", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9e5efca0-5fb2-5916-b33d-40db89137619", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6f499538-b03f-5991-9d99-17a8bf2b4a71", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c379b8d8-4a83-5e17-a31f-41cb9cc2590d", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:26c61a1c-8547-5d24-99b6-01125fb20ae1", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-catalina-ant." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ant@9.0.90-tuxcare.6" } ] }