{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ed4888c9-8ab9-5966-95a1-b18336e61543", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-coyote", "version": "9.0.100-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2c138c2c-8baf-5bc1-847c-ceec39739bb1", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a48dd38b-0025-528c-b55a-f41555090ef1", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:44fbb67f-1248-566b-a600-581fd4c9db56", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be4fcf60-5b3c-56e0-a1b8-a8324adda543", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1cc90e7e-da57-53be-a396-36a6c9fb0b58", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a4be3b7f-52b5-54f3-96da-c96aebe64bca", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6300a49c-8ff6-59c1-8613-641b9221de9e", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea6596ad-e955-5fdc-a850-c260f032cae3", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f805386c-789d-5688-810a-f3f9eaa9d63d", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23997c50-e708-5f23-bf1c-a5e9de72f304", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bc2fcd88-fc07-5e25-831c-564e2d91c694", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:053184ea-a737-5511-83bf-59be3ed551af", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cb3cd2ad-68b5-5041-89a4-d8996a9a0b9a", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f0e4400-16cb-5977-bcab-a174d68969d2", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ec889864-595a-5e0d-91c9-c430d21c8b6f", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f5035e3-9078-55f8-8fa0-bae0797c136f", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c76803b-841b-5b6d-bf74-6d574da3024a", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5baa6366-ae05-5b30-9943-ec6e1d68d2c0", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7c900a40-ca01-5889-a798-0be75fe255d0", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2aed021-d3b8-509d-95cb-d8598532b4ab", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f6da116-9aa3-568a-8fc1-dd0ac12d9394", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:efda94aa-b5a7-565f-85e4-4915b373c74e", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c9b990cf-7180-53e7-bcc6-94da720899b4", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4247e4b2-236d-5365-93e3-04f9e315c4d2", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:303f0169-72c2-55d0-8416-3beb5fcfa11f", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25f0a82e-7b8a-59f7-9fb3-957be75c28db", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df924f3b-5425-547e-bdd4-039e45b1e014", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d00ea4af-b059-56f2-9fe4-8b391df38eaa", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25cc3a92-8bbf-56ac-924b-af5f019bd7c2", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:13402c6e-65ab-533b-9d40-cc1cfa120e08", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f0c8ce9-047f-59e1-919d-1c1c7ff20790", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6bd80af-c6a8-5f66-9fe2-016848e75d25", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6933d62e-971b-548d-8177-af7054cfe0a5", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b930df55-95e3-5232-a32f-77a77f981251", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4219815-c8d3-5de2-9ac8-f68dd139da29", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c24d3c81-4716-5a2e-8a37-d34b9f982267", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.100-tuxcare.3" } ] }