{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:56dbc90e-ee41-5b6e-9f32-7fd80ff5a164", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina", "version": "9.0.50-tuxcare.7", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e967794c-0fe1-583b-9af6-b1450ec3ac41", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bcf92db2-acaa-5ff5-99af-bddb3735572a", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2d593bea-849d-54aa-bb33-b662f7218196", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9a5b3684-90c3-5bfe-939a-3c3743ac077b", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f0034f02-1374-56f6-a3af-57b14bfb51d3", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c1f64e58-e18b-5914-a1d5-f0954b474332", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8db6fdfc-4651-5706-991d-c3219e73cc3f", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6e1a16b4-a98b-58ac-87db-cfa648f0da44", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e62d102d-4c9f-517f-8bd8-48fd99b8562d", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0bfe8b50-50d9-539a-a243-2a55209e9dec", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a3fa8008-a662-5c13-ba03-502c4e9e2eba", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:424ef3bc-9625-58e0-bac7-71a0674d67c9", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5fc90d22-27d4-52eb-8f17-56308c0174a0", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f355ba1b-469b-5016-999d-93625f4feccf", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e0d5863d-e57a-5b20-9043-f66fc0b82b22", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:319764dc-739b-53d9-8954-aee201509bd7", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f4437856-7b98-5fc7-a07e-561b95fb3544", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:960a1677-2575-596d-9384-a257277c710f", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:11746898-b693-574b-b913-4578a7091e7a", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:908278ee-a084-5b96-a772-bd35eb1796a3", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:51e6f7bc-f189-5e61-8257-ff8b79427a39", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a67089aa-093b-54b8-a841-ff4ef122bea2", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:66089927-49bc-5caf-b852-e86af74e71b6", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0fa61105-516b-5087-8cf1-5390d586ad47", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:47ec1cec-73f7-585a-a67b-b737a2ee29b7", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:93e22cd7-0630-5c4b-833e-028758db60dc", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e121a335-1c73-5977-abe7-9ff1e7ee7eb2", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9f1f6225-d74b-5b7e-91f6-0cec5c15d3cb", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:564ebf5c-f06a-5910-883d-0efa847eb2a9", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:79d3c495-16fa-5f21-a81c-53ae68eb6589", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c4ea042e-98f4-5a75-aa60-9a4a53ec88d0", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:504406a9-f1ab-56d7-bd6e-f2b572181cfb", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1ab97bc9-55b5-50a8-8f8c-894e1a03fdd4", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:46a39834-03ce-54dd-9452-15aa8666dd9d", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c944c120-3f82-5a91-89c1-da713327e2fc", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4dba6cf3-9342-5313-9290-57a3e9c5521f", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d0c4c8a0-cfaf-5f50-9904-ea1d8ceb00ad", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c1b5b57b-25ba-5392-a26b-a5f0e1a838cb", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:650f143d-237e-5c33-ad41-cc4e1b9cc6d2", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e9dd8fc1-0ad4-5f4a-9cc7-4e8932e51af0", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:043933a9-9c94-5453-9de0-fde2bc575b9a", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5d11f86c-7217-5269-9590-95d33384c032", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4b1c1bec-9e9d-51f5-800b-3b8d7b1fc2d7", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d085f6cb-1e1e-5d4a-a83d-49f35e75b360", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:043e2e82-b4d3-57ac-90be-8833fea903af", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3a767d51-03bd-556c-9528-82fce18a8d5a", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:879adec3-8bf6-5b6e-ac28-6d23069ffb30", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:61b127bf-424a-5e42-8bca-f366139dc582", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:21c60fea-1cce-5ca6-86d3-ae8b62536702", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d2d774b6-0c39-56fd-94c9-a9e8a1f96036", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.50-tuxcare.7" } ] }