{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2bf46584-509b-5661-8102-8a25b1a9167c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-coyote", "version": "9.0.50-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7a5fa816-3478-5f36-b4be-9027ef419c4a", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32230e7f-c4c5-5161-ba57-fff2af79364c", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:401444b8-35c8-5fe9-95de-1c0cdf760170", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d5ef657-8593-5212-89a1-5f5dd4c8bf83", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36e1fe47-19c3-5992-81f9-03a024dc796d", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85747e2d-5460-5e89-8434-f8e69c9a3e17", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d7f0dde-1e7e-5111-8ebc-0356ad5508f8", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37203421-f103-5524-b85d-eb7308c5e2d5", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dabc49b5-c7e4-5f89-b38c-5f9e6053ef23", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf3af815-2116-5366-bdb5-af629c0b3e2f", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ece689c3-29bd-5000-956b-f72baf320e12", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4578162f-8048-5416-b56c-0ae2bb8bbd22", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df34aa38-bc80-5b73-a26e-ea58dfd50562", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0e94285-9ef3-5215-ad72-ace3f78a820c", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15c15682-ff80-5c9c-9b64-e2ff503b3229", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1776b807-60f6-5e7c-bf18-df67eb1c9d6c", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46141508-14bb-530f-8b7c-1fc39fe8e733", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bac518a8-0de6-5ca1-ae51-a32adc455d5c", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d32b339b-f24f-5a59-ac5e-933a0e41456d", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:118b9888-53ff-5a37-b16f-e02fe5526cb7", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0592f1cc-7033-55c5-adeb-8e8248772706", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e1293dc-08e4-525b-a46c-689d4fd48636", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c965ca8f-7f53-57ea-a1b7-0ab5ed6ae765", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4347b4f4-e932-5397-b4f7-6183c934c38d", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:86d479fb-c852-510b-8c89-f73d8dfd8329", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:285f9da6-b219-5e21-a2ac-b3d6969aabca", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28da75ff-3ccc-53f5-82df-0bdc8992b4ce", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59df2f6f-e914-58d9-aa4f-3f396a264bc7", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67032639-9e4f-5259-904a-dab37dac4622", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ef1b830-006a-5be8-a38b-8c737f33db36", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47989d71-5518-5bc8-8d7b-5e64dcd431aa", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9cd7bc9e-3232-5af4-8d13-02c60db9f5d9", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46b4d445-b481-5970-8e9b-288ca921438f", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c01bf45-4635-538f-ae60-037887476bce", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e342b29-0a8f-5544-be65-627030f007e6", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e04fbf4-3770-51a8-b714-785026470b0d", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62442102-1eac-5fc7-82dd-bdc62d4c2756", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2986fb1f-498d-5456-a5d1-a8744c7d8fc2", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84beb775-e727-5d31-b6ee-72512380e9dc", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:585ca827-6280-5319-87fc-56cd449a8747", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b560d67-901d-5393-a06f-c52362ff3eb6", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:250e8e9a-9df9-5fca-991a-091b370c67f8", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8f9b7c1-3966-50ce-be11-4de1f4a54e51", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ba0fa87-4797-55dd-a9c6-30c41584b470", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d143537d-bbda-5ab6-bad1-2fa17cfc8c0a", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7dc0d1ed-e37c-59aa-a321-e1b12799faca", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce75e0a1-fa33-5f0e-ab9b-d6e751bdb952", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d400147-8d30-5aa0-827b-b5a3adb1315d", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7cfd4509-1182-50dc-8b0b-a108c01bc0a5", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:99defbbd-ddae-5b20-8c8c-ec1dac0c1229", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.2" } ] }