{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:05b0e98c-6473-5329-b516-e16518ff857e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-coyote", "version": "9.0.75-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3354dc6d-f811-5881-a4b5-23a87c7d668b", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9962c5d5-314e-542f-9a70-1bcd8a791ab6", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9d78924-bac3-584e-bdae-3c86a2c64a7b", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f84bfc3-53c2-5aa6-92cd-48ab3d62d93e", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ae562ef-c3c0-532d-b68d-31a63d914106", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02b45d65-2470-549f-b13e-b66d279278d0", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88f55684-4b5e-5153-9dc1-61be23e9007d", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:328d8ab8-e689-5253-8c2a-564988553d3f", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e33baec-f23c-53ba-8947-5160f5f4a82e", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:805fdcd3-e04f-5cf3-a023-a9ceb5e09328", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87d3b746-18aa-56b7-80ff-e83f96a1fd3c", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52712c4c-7b85-5863-851c-8811c28d012f", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6a3983f-b065-512d-8397-24ce82eafd80", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:555cde44-f99c-58c7-b86a-970e60b9edd3", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:833dfa22-efed-5536-b83a-38f659a8ff7b", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5deefb98-f255-5f06-af89-434a9f19a164", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d24e0ce-36ab-52be-8679-bb71d96279cb", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f64d0e7-9ceb-577c-98c4-369dbf88485f", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a15aac44-bdd4-5f31-ad9c-9f368e7439b6", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d34259db-5cd3-5202-b3b2-9b5bc65366ec", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7209229-914b-508b-bbbf-69987e32d7fc", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a51fb32e-d343-5864-9a3a-14cd12c462df", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91112fc9-8ab1-5ac3-bed1-8ec2bc408fde", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b8628db5-5ad8-5d3a-a5c2-71db41256c01", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:075727cc-8c79-573e-a2c4-780daf992d29", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbf576ef-17ca-5d18-8286-b4035243ef62", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:141b840d-43ee-577f-8a10-9d06492f56db", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d26435d4-ed4e-52be-be5f-0c51412a8ef5", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bcd115ad-5bcf-5bf0-a54e-5f48b02fc63b", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3056be1-0625-5377-90ac-e3b3ed3e5dd9", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd3c63d3-f823-5840-b3ae-9f77297ff650", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e231e896-e6dc-5dba-804f-6a3aa7efd0c5", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e33963e-f3c1-5df8-b002-f407b82e070c", "id": "CVE-2025-53506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-53506 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f225144a-f46c-50ed-bcf6-54ecbdf6d480", "id": "CVE-2025-55668", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55668 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:935f6e82-c084-5f14-a3c7-24271a9b42d8", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e678d54-b674-5f8e-91f6-958ff9057991", "id": "CVE-2025-55754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55754 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1bde7bf9-a1ec-5ae1-9e59-3026568186ee", "id": "CVE-2025-61795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-61795 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5080bbff-57e2-5648-8635-4a2e475c516b", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c2ce155-5d52-5427-b204-e83d47dc09bd", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f946c71d-36a9-53ee-a28a-e644cea0a8dd", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06134a80-e35e-586e-bd5f-12c3a46da827", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b57a79b-831a-50ea-b5e8-6b353fe9e313", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7056ca33-76d9-57dc-807d-66094c2cd54b", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e027a868-923f-5329-a294-97e37ce8c0c7", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7cbf8c20-89d3-51f5-b4f0-4b15f8acf4a4", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.1" } ] }