{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1ae69faa-19fa-56d0-9d02-834c82711107", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-coyote", "version": "9.0.50-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a8058fac-286a-52a0-8aaa-7a0e96d2480a", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:07e17b18-5954-57b3-9579-d5cd309a6c6c", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3409c4f-cb58-5f2d-bb04-38d3ebf11134", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ae81022-3d8c-5220-ad83-33e676a469d6", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea69c9aa-5e8b-558b-b3bd-795df47c8557", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb797532-ca6c-59c6-b2ed-c22f51357347", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:054a17b7-0e82-5149-9ccd-ca336c05ded3", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9c89acd9-985d-5e57-9d71-8ca12cebcf0f", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:57a7c28d-c2bd-5820-97d4-f8c43eb01e9a", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1681e1f0-4a55-5132-9ed0-fb8b266a5ae8", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c4be0a7c-9bdf-58e5-b842-ecdf2480c284", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:21a15d21-06be-595e-a9af-8c0353f39e40", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9e7254a3-dd63-5faf-9f34-6d2b9fdd36c1", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:de15b4e3-e2e0-59e7-96e0-3c11552b5b54", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0f04125-1b20-5d51-aa2e-373f8167d9df", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e0ba191-c2e4-5e03-b6f1-1d8d0e4e41eb", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b918b12-a7d4-5d22-a3d8-ab0ba96d0a88", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fca138c1-4de3-54c9-8a82-1f3de77b64d0", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:98e37406-0969-53d1-80ff-193c1c05c525", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:45420cd4-d243-53f1-a57a-ca6f3b2d1696", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75f1a9c3-4aa3-5fde-af32-cb0cc39e3529", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a3f2d3b-9ee7-5a5e-b557-d7ed40fd6087", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1e1568d0-24e8-5dd0-8e43-3e532e65cf27", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f1f8e8f3-b2f5-506a-900e-5fd1345c1cdb", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd95fca1-4d03-57a6-ae8d-4e7a7d32f81f", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a66d40a-ca5a-5fb8-ae15-a18fd88db961", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9d0586b4-128c-5178-9933-3af53e44a427", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04fc85f6-b703-5468-95b0-23b6970aa880", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56718935-27d5-5af8-bda6-afeadac920a4", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19d6fb71-99dd-5cff-a6d2-3cc55f2cdaa2", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4cf70752-9cb2-5066-a010-19ed699ac558", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89865a7a-0d5d-5e31-84e2-923053dbd66b", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae34102d-d60e-57d3-906a-840217358999", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:480a0a18-83ea-5042-adb4-26752241322f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:282392f2-4ca5-593b-9799-23d95bce7646", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:872439c9-5ed5-54af-a501-7b1e3431f928", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:368dbc31-f326-5247-98c2-905fccb977a5", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad948b7f-d5af-5f6d-bfae-e993a68c1623", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd6a671e-16f0-5cce-bf00-cc80a586744e", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0553dea-626d-5739-8396-62d70baff17e", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4422ffd5-1466-5380-8304-fe4bd90c6de7", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af073339-b354-51fc-93b8-4dc915f7d0fe", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f30e7777-ccfe-5100-bdfa-c6040f285acd", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d4ad5dc-80d1-5cee-9145-855fe2c9112f", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe6d610b-2071-5f10-a150-57059ec54ef3", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7e6fc26-551e-5518-949e-34c5dabf0437", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad26d1cb-df8a-51b1-9286-7d5a62ce0b2d", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1cabe6ee-08d7-5980-b15d-7f3b995bd3f3", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:71d96b94-c671-58b8-b464-48862b491d58", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78b848fb-0246-5075-9ec3-510b14643d11", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.50-tuxcare.3" } ] }