{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:10001362-dbfa-55d7-b481-ac278dae0444", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina", "version": "9.0.87-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8ca2888e-cdf5-57fe-adfe-430503bd0d86", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:13cf5127-7845-5f14-a10d-80e55b02e500", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7c91b772-a189-5750-bcb7-c44134c84049", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5ea3d501-503f-53d5-a6b7-3ede66d2f270", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f4475074-60d0-5ae6-b5de-80664975fd5f", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6532a3e3-7a51-573a-81d0-850f8fc89d03", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a9b74ac4-0b3e-5977-a625-cf3bd9cb55a3", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c4153d40-08c6-5357-9b52-9e8e89999b3b", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c5fbb607-dc4b-5c0f-bce2-da33d365b114", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df7448b6-3cb8-5b1b-b72d-1afb4c42316d", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:129151f8-146a-59d1-9066-04c7c062a9be", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:67af74fa-1d7b-55b4-abb5-48cb43dc84f7", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f4bdc05b-beab-59dd-90b6-4c4cf25ccd98", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:89c6d5a6-93d4-5472-a878-18e1d15fd475", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:643c3c37-3d38-5854-8d2e-336411002564", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dcf4a4a7-2ef5-5536-8aae-7a02f8fb3ae2", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:546ff8cc-ffab-5d8e-af10-fc8c31db3f6c", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1d6b216f-bbc7-54c4-a77e-0813dbf2ef1f", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3848d5b2-5ea9-5486-a24f-996103f92859", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:174aeefd-7fd9-5cab-a7c9-28416ad75f37", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:96f41f23-53a9-568a-9b7d-a5adef51c19e", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:74ed5288-8fb5-5874-857f-6429d9a055f6", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7a9f56ca-a9de-566f-b2c9-764e77a1060f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:349b5360-15e4-5a4d-90dc-242de018b421", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4afadec7-b6be-51ed-a781-b96ddc319688", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:899aaefa-6f4c-5c87-88e7-b266e01587a5", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:82a3ff89-316a-5fbc-a0c9-5450f95466cd", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b0617a81-e446-509c-9c11-a192d9508e95", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:36ac8d39-2917-5abd-b76c-607b6108ca45", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:278ee17e-19b6-5a4b-8f06-19c2911c5655", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e6edca60-7de9-503c-92ca-eacde0ed55c3", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af2c11f8-2224-519e-a874-f037492344e8", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aaa7a7df-c2e5-5331-8849-74e03d795edf", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de97566c-43e0-51d7-99f5-ca66990a53c1", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1a83224d-4399-5413-9711-dae57478eefe", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:09401a3a-7a5d-5b78-abd2-eb5d6f3eb398", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:36c9e37b-e823-5381-a833-536f133692f4", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:176fbee2-8b9f-5c6d-823b-ea2046bb168d", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3b25d38d-325e-5fe3-b6e2-afa94dffe77f", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2858f1d6-3616-5424-af5f-ee8291c10e59", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9c5b2a4b-8836-5e68-aec9-83f757914eba", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.87-tuxcare.5" } ] }