{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e8692c54-2aa9-5d94-b192-e2c5a0420695", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-coyote", "version": "9.0.75-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:01d3916f-acc6-5099-aec1-a8c857b1e14d", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98bc5e8f-cffb-5b99-957f-f2280fd79e1f", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35c8077f-fc8c-59dc-826a-33762e421471", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49e5379e-6d8f-5d49-bacb-7a3ee106359a", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c7e16e7-3618-5741-976f-02d37d8d6e20", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1fc322c9-dee6-55c3-9378-fc3f8f913150", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c7fe5f2-20ba-561f-8c68-49385fe77cce", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce97bae1-4642-5fa6-b524-754eeaac12cb", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed12bef4-cc2b-556f-b08d-7e20463ae782", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20b5d52b-03c5-5e55-a604-c96f003a838f", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c009ab2e-0023-58ec-a11a-0d21023e861d", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c38e81d-ee3f-511e-afcc-2eef4370738e", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a6f2e17-f585-5a32-8dca-af846ea84584", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7e01e52-9ef9-5ce2-b43f-2389a6e540dc", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9518e753-1f9c-52ec-99d6-9b35956625e3", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e00b6aa3-e789-5193-bb80-a84912faf111", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad0dddf9-be5b-5e15-9a81-ee6d64cc6131", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11449b0a-1170-5ddd-848c-7d8d7e9f6594", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97375a19-cc2a-5aa9-bd27-27a22ba719f8", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aad50706-a398-5529-ad03-d7b70c30e797", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:50671359-7e2a-5560-b29f-7a66da922efb", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:836d46b9-2577-540b-8905-b32372359805", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ef83ec4-4a34-55c8-bf04-f47a1dddbdcb", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90f95600-9cb1-56bb-b498-fec847b50d47", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06df4726-4922-57cd-bfba-1055f771b05e", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45275c74-c684-5ac6-a3a4-cf9e1dd91ec1", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0d0a056-9e1b-5838-b792-cc96a3c71d00", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0793d46b-cb2b-5b2a-bea9-5feb55729713", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d375e325-a251-52a3-9e44-4ae0b81b8fcb", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34976494-aacf-56ff-9b56-8b4551c70810", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37899cba-2a01-57b6-ad47-eed776aca8e0", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b792e59a-9244-5864-8d71-52dd8087d970", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1dbe1524-7668-5256-903f-aa28b2696c28", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e165939a-79bb-5c52-9aab-0fd39f117d43", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c59e7b75-a1a6-5c1a-9d3d-b05b90486b33", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67f21852-c6f2-5b8d-b74b-ebac37ea28c0", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e178a9f-b493-5fb6-8661-62fe362a0a9e", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:608db091-d3e6-5f15-857e-0af13338bf17", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52ab0c57-5659-5680-8ece-ddd99ac01542", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:854d6d8a-d83e-5466-bb34-cfd711cbf1fe", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52d3e001-4807-54fa-9cf7-918ba93e1e33", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e042c44-e112-548b-aa32-456bd65c5109", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f480a4c2-4854-5016-b51e-aa79a6894bf1", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e04e508-719f-5774-8229-3fb1291ebe21", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3da019af-616b-51f7-9f4c-0fe25518bba4", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.75-tuxcare.2" } ] }