{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:92a34a30-94f5-5356-a8ab-8b7001ef6f40", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina-ha", "version": "9.0.75-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e5fd6556-4ed5-5ceb-9ae6-6f0fc29f7f67", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:133a3e69-273f-5ab4-b296-1cf322455400", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9d279926-b597-5e8e-b590-f3e6b193b6b4", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8ced202-5a6d-595a-9266-80e6b3caac96", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a9601397-84b5-5284-aa4f-1645bc32a425", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1519b300-bcb0-559e-9220-577319242d40", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37069fb7-8f09-52ee-9b83-76c1a290ff38", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06163063-4cb3-5194-86af-3b320eb01b10", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aba0713d-920a-57d8-a8b7-29abeaec9309", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:53f23e0d-f255-5a61-95eb-2cbe255b924c", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6a9e957f-4fd4-566e-bb6a-91e897073770", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:af1b2641-4335-517b-8325-2012288aae03", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6bf3cf33-48c6-5ae6-af24-19d41d58a3e2", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:63a29959-6655-5164-bcf6-fdb15f13770e", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6a931502-8a31-57af-86d5-88b2dc1c7785", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a811b66d-d795-53f0-bb9b-ee0160270ae1", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69a80ad0-490f-5ff1-993e-3289ec00c762", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c619e876-0dd6-5ded-ac43-da1daa9ee6fd", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9cd5820a-2171-575b-94aa-c08003357887", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:87f92e2c-b8ce-53d3-afd2-5fe211f3697e", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69e504c4-c9ee-52a3-adbe-e0b112d9f43c", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3f4bce36-7884-542a-a00a-c97e4ce37c39", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1f0af023-fd79-50c3-8841-544e0470ef4b", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:57b3347d-2c67-5449-b85d-3347c0a412a4", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4e3d2e13-2eb4-5c34-adbb-ae5c75afc5f1", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4ea9088d-487a-507e-9099-331a104c05c2", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed2a7ea8-e8c8-58b1-926d-6d5110d9bf6c", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0cfd9aaa-5b6f-585d-ba4d-d8c4097a55f4", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:743be61e-3cf5-559f-81ee-8f53e759567c", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a8308dbd-f83d-58cd-afe1-1b6d2ddd035a", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bc54b296-e898-5030-8853-6549828da39a", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6cb3d6fe-c764-5b8d-be3c-22f1e916b804", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dde60617-913b-517a-80c1-37f813b53c0d", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:71235f03-1a36-5be7-ac19-675d7002ce6c", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f9b1f6b6-9d11-5663-ab2d-10a12cf300df", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f89e5915-de1e-5b9f-90ba-fe96f2693d34", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:64d2786c-0136-52be-9ee2-7583ee5bea40", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9a0d7c0c-6228-5af1-8236-ebfe4350e1cd", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bbf7a797-fb05-56e0-b05e-972744287b78", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8bdff2a4-25cd-5001-8b6b-57895d454a13", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d873470-f4b6-5c64-bc3f-80cc45c3a7ab", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:721b9d67-4e6b-5cf5-abc1-27d78c5e014b", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7e429401-305b-52a2-9e61-8a2512d507f6", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:476d0b1e-20da-5061-8c37-c08d1ee4d5fb", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8338d947-43c4-543c-8d5a-9476d1c18922", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.75-tuxcare.4" } ] }