{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:71113c9b-c808-5a7c-ac18-fc458820a6ae", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina-ha", "version": "9.0.50-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:52bfd3dd-d424-593c-afc0-7f51814c0682", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89a17bbd-19d2-580f-ad60-413de3958352", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e3481af2-856c-5a17-9c4d-d8d62d0c92d8", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25ad2cdb-0175-5837-a625-2fbfed320479", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ceac436b-3bee-5f62-b561-06974b52272a", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a4d5307f-23be-5630-84c0-7b9efe99cc9d", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9c2bc839-17dd-598c-b88d-cd3ce09b1866", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25e5de5a-9d54-5a23-a293-7fa933d4d8ab", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cd5f6267-89a9-51e8-b410-feedcfe2a3cd", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:40439441-5c0f-5265-8440-5997da7ade01", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:659ecb0d-f748-52a7-9ec7-89c0576a9274", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4ce0c56d-c7b1-5b11-b4f5-3a5e5ee94849", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b6500730-6ff5-50fe-86cc-7515d7056942", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f3a504be-fb3b-529f-ac38-f45e40ad993d", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:637cee0f-002b-5187-8f1f-57ef52e54ddb", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:46cb56cb-7b28-5579-8cfa-24a530a91e89", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7f04bd27-db10-558d-a1d0-c59fe289af45", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0c516dc0-3603-5408-a8b4-f9d18e764522", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:11269124-2f49-562c-9dcf-da3a604f1715", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6ffec989-9f5a-51be-8cc0-70007e058143", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7c9f0049-6bbf-5811-91e9-f815323ec740", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d23c518c-357a-5295-a262-835dcd50b8e2", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:669752e7-1cff-56e4-9485-8a17a959c002", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ce7446d9-ef71-5a6a-bfad-ad0515028fcc", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:80c7bfe9-c432-51bb-a7c3-bdc2c70ab63a", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a008ec2b-1f29-5ff7-b957-e31209a9adfd", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0cf46179-6c84-5259-a168-0560457635fb", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1bc254c4-6b02-5d9e-b352-c084e0bb5dd7", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:63584144-d6ce-5ce2-9496-20ff6b72350f", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75127f98-550a-58a7-9cb5-70e53af63294", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:be3b7af4-a6d9-549a-ad3d-ebb713c16bed", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:30f43e09-6fe8-513a-924a-68601f10eb2d", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a315c622-8e25-5bfb-a867-362d345bf7ea", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:332c7229-a455-5fcc-ba78-73eab1d50233", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:74986ff5-1b62-5b3c-a3c0-855cc7a3b298", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c1774f88-57a3-5d79-906a-8dbd5f11c26f", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f10a0615-5106-5c1e-a234-82d00661b02b", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89aa2ef2-bed8-5b87-ad13-c921e88b28f5", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:74f6442e-7492-5bfb-b68a-faa04125eece", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3a7fb8bf-f4f3-590e-8852-2e9793db78a7", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b1be2e7c-4b7c-5327-8860-c2826acc98b0", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4aab4842-5cb8-585e-a5dc-4639a8604c34", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:245de534-84a7-5055-9aac-606c422d7cea", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d5e9fdc-ced4-55ee-8a22-5e1f4d5ad5ab", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:04fbe984-b743-56fd-9bfe-b5e32332fb6e", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f0406460-93e7-5290-bbca-3a7adc6caaeb", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:05f68d27-8664-51d1-b152-80b3dc56a938", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fdaa3dbe-bc03-544f-826e-3da696f5916f", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cc4d93dc-167b-565b-9676-bad5dc3fc8ac", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ce69a3df-fd8a-58ef-9db9-1946b21097f2", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.50-tuxcare.4" } ] }