{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:12301172-8d1e-5f9c-b6fc-c8bea69a7195", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina", "version": "9.0.75-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3547763b-f1c8-5991-8593-78a93a8af48a", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e4a6ecf2-e60a-5ef9-b09d-057d4f602514", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9963dbe-3aff-5143-af50-ff0ba9bb3be2", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a2d3dd1a-8663-5b4e-91fc-b1d3f4e66d89", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:05145e78-3119-5608-a32b-dfe6a165c1cd", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f89c90b-925a-570c-a2d4-e9d53a78fd23", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cade2c9d-0d13-57a0-90a1-96399d3eaecb", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a459b68f-b075-50cc-b88f-b88f844de99c", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aa41e1e6-36f5-5f39-9693-be29c307cb9e", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d524a18e-8547-5eb2-8b34-17a944602fc0", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6cb5c5eb-2a79-5213-b7fd-5d201f0482ef", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d9b27512-d608-50c9-b825-5a751667653a", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:62b3e92a-0d25-557f-bcbe-38765ee021a4", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:39883fad-1f83-529f-8134-362a200a1ec0", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fb1f87ad-cf5a-5ef8-a7ab-9184a604c306", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:665b0e2e-703d-52ae-abf9-8a9b932c35d0", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:934d1abb-eb4a-5896-b886-c084b9b4dc5d", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:22589e7f-c79c-5913-9b0c-82d4db69c077", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c2e243ba-acd4-5d00-b957-1a8f2cd23134", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b9d7dfe-29e2-51f0-8c2e-f4c5a2ebb846", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:197c8c44-780b-5f91-8fe0-863073f61734", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:98d5d325-838b-5a47-bd49-b24a37cda466", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ce8d9ebe-514c-5c5c-a201-8743d80a1d4d", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6a42a2d1-c5cf-5dcd-a492-7f073d6d1756", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f5a4decb-f815-5e2b-b333-bfb0cc6f88f2", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7ff80d13-8cbc-5e23-8a6f-18909ee796ef", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9748aa49-abad-574e-a136-ca28be840949", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b7a550b-1dca-591d-ba02-1b4518898554", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bdf60ed8-051d-5a29-88f5-5025831bbcee", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d982eb41-3381-544a-93fa-d9ee74b0f2b5", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a2f09a08-d6b0-5b8e-b333-1668f5f1366d", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cb903d13-6d90-581d-bdb6-d99828f9203a", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:471c96f6-ddeb-5fcc-9b5f-eea70df306b2", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:83994901-df14-5784-9f12-832cfffa7c90", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7682a91c-ea79-5ebc-95e5-d39eb2960464", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:773837dc-34bb-5ce8-baba-63f4e15ca675", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32be47cf-a2b5-530b-95ea-b62b0741b1a2", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d9d947a-a5c6-52b0-94b6-97c804f8d4d5", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3c1de74f-ce7f-5e9f-9764-0d8b235dc43a", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:79d446f2-7131-5a2b-aa80-88e2d1dc6a27", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b35aa0fb-addf-5410-8de5-579659206db8", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b415b64-7bbd-51f6-9bdc-efadccd07c75", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:122c29cb-990d-56f6-9684-65b84dcf0775", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32a63656-6696-537d-926c-ca262f3fdcaa", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff427bbc-6a5d-5f3d-87a6-dd51ae2d71bb", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.75-tuxcare.4" } ] }