{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:24af979c-fffc-5221-8f11-f2394c0c812c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina-ha", "version": "9.0.75-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:58222dff-342e-57e0-87e4-0213ec745827", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0cee8f0d-e480-5fc5-ae7e-5be1caab6844", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33f87e33-2b96-5ae2-b6d1-d38de767d53e", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9bc4df20-4608-5937-acfa-1b5a768a852e", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa6a342c-d453-5236-b275-b72f6511e272", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3136fe49-6bc7-5b34-ab95-d3a45afbac5a", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ad2fc9f-9a82-571e-a667-8451a28e5f04", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:beda8244-73a1-53de-9fa1-033e46f32cb9", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88058b7d-d79d-5403-89e5-b77c428e9aa0", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:743383c9-9f78-5d5b-ab55-f7b477e9d42a", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c16a72fa-e360-5b0b-9b1a-c3b46d8f7325", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d922606-bad6-5afe-a82e-dd49295d4d7f", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66607533-f8fb-59d3-bb55-f6259337ce47", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c0134f9-0004-5e42-a371-ab8a64398344", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9183f954-95f8-597f-b392-dd2569311439", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6f07ef0-7dc0-5081-ab88-c1fc423035c6", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89be4f43-06f6-5ebb-afcc-14a431564f74", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ab53594-5740-5951-a4e7-7a1cfdc3d6e3", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5ad4397-5d3f-5453-8a98-363deecacb34", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae890394-fc3d-5690-8cbc-b40a40831a75", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98bb888c-e3a4-551e-9c3f-57072a585a16", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c688a974-fe99-5c70-93e6-bdf88285adcc", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ddfd37c-7a99-5218-b04a-89dacdc41607", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6eedf7ff-84f8-56bb-b5cd-15095b72ec1b", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3a0de0c-9540-570a-98e9-2726c0744ba1", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8238874b-700f-5dc6-955a-6ab4b3735058", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f968127-7b7f-5628-8e2c-7f9b5f52de83", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de07c330-08d8-5901-a899-3714bef533b1", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c72cb26-490e-533f-a222-d789e44b11db", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff526f29-072e-5532-9291-3e142e985dd1", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3ccd0a9-1234-5030-9b89-8c158eeaf2c2", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb88146d-956c-50f7-9989-e43b8cb0acfb", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f807b473-af2a-51a9-bd08-1adf7f972d16", "id": "CVE-2025-53506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-53506 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2068f0ad-6a15-5eed-88c1-f40db3077ec4", "id": "CVE-2025-55668", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55668 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f3848c4-9183-5a18-b434-95722c3ca933", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe3c07f5-f456-55fd-9b0e-36c062a6c751", "id": "CVE-2025-55754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55754 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:000e6e49-816e-5b8b-834d-fbace8af8300", "id": "CVE-2025-61795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-61795 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ef04f36-1c54-5048-83d2-e0f6e941ea9d", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:827f32f4-11e3-5e9a-a245-15e2624e3345", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be46ba39-1656-582d-bba0-972962674510", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7aed13b3-27b3-5ee6-8042-648ade92ff06", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90d2c2e8-dc8c-585f-a679-15bbca44778b", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a29aee5-9a57-5b0b-b342-1aca1f441566", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2ff1539-d650-5f7b-9ff1-2659f02ef318", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65e59cdd-7e62-57ba-83d6-f587048d6aa5", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.1" } ] }