{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:42d00b9d-1a16-5150-a3ad-260c4a98855a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina-ha", "version": "9.0.87-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:055ddf68-6f15-5bf1-bd59-fe52bf6c639e", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95dac2ea-108a-5031-bc7d-e0971fa6dfab", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af33730a-eadf-55d5-9986-17dd9834dc85", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e0df83f-f561-50c0-9c7f-36ec35205395", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7388c8e4-3968-54b4-b229-301625580221", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b48bfd1-fc41-56b2-80a4-98666b11107a", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:215ffc77-afc3-5316-a590-c693c96b9692", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0b18594-d63a-5ae9-8837-eb0e11cc64ee", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a067abe-c187-58cf-815f-a9db7dc3c569", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:844f84a1-1dba-5740-93ff-aa89dee4bfcc", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1e57d8c-6ddc-5d0d-895c-2db09ab76db6", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb865b2e-259f-5d33-be02-f113dba4af54", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15724a85-5bae-5ff9-b874-c39f8f7c538e", "id": "CVE-2024-50379", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-50379 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bef0abc0-7bf1-55d0-a9a1-bc8af47c9aa3", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a084bafb-6779-5225-8227-c0517d57ab19", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03227548-54cf-579e-9188-b650d34a173f", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15602dbd-ff09-54f0-a2d9-844fb1b519da", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9d4e5d0-ea9b-588e-8227-e7e734d68afe", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98bee8cd-a807-56dc-840f-7af2bc86c290", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4513376a-2edb-5901-98d5-478847675df9", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:015c01a2-af03-5005-8db3-81fd07a08326", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45333a9c-b295-55c6-9bba-a50dd072a86d", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:380d5b92-e26d-5b82-9573-08ac19a13cdd", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9651a4ac-ec9f-5eb7-971f-fef4f6bd6b92", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6821ae2e-040a-55b7-b9dc-15a4684da0e7", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ab72ab7-9716-5792-9005-cca7f5dfcff0", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb96d149-f396-560f-90a4-450b17c9b8c2", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3842308-7473-577d-a560-1ada6be986c4", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4112444-e128-51c9-acb6-065524bd6660", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e79025c5-e6fb-5652-831e-fec7b9a13c97", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d658720-3250-5424-bdfa-9a7e2df526d7", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f9ff927-8e88-5bb7-8da9-e9402f041ebd", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:930a3e76-1668-5e8d-b987-e7168fe259b7", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00433830-bbb9-5b72-a646-1a0d6549d83b", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d01eca69-4862-5cc6-ab85-39b5a1953335", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4e44857-75e1-5317-a930-9e49d93c178a", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c05209d-7fb7-5715-957f-2370a06986a4", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2423cb4-742c-51ba-ba52-1d363975ea13", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ebe59e8-c45e-5c2c-a309-8f2d50d1e9ea", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8e394bc-bcf4-5518-bfad-60f60f332a9e", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9deb30f-f10e-59c6-873a-241fb159c69f", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@9.0.87-tuxcare.1" } ] }