{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0fef10ff-3692-5b0c-8a2f-68611b926cf1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-coyote", "version": "9.0.87-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ecccac72-7e0a-573c-a206-ee32fb2ceb03", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f968c124-3294-55d4-9a1b-6cff7307576a", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f226270-7251-559d-b196-4788b31dcb08", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8ff719d-7a26-5a20-8a83-a5fa0b3b730d", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:989cb080-8589-5b38-a413-592225b1c95f", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:165e69b5-8f24-5624-8e42-b764185623a1", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aee8bc1d-e74f-57cb-ab72-a298acf6453e", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fc2be0c3-b5b7-58a0-bec0-6586f2e98da7", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf53cb78-a0c3-58d5-ac3c-8dff4a0207fb", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e6707be-7a51-5b35-9fea-f329453b7c2c", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:57705fd8-e81f-5b06-ad4e-4cd194db4aa1", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f67ca741-7367-556e-b306-81b987576cf4", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7e103e4-c486-519b-9cdc-462e837b2fe4", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7a7f2472-687b-53a3-91a5-ab02af4c5dfb", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c173eb79-c1df-5d32-9aa8-84fb9b33f2aa", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78f046ab-919d-554f-85f7-ca33996f5267", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:905422ab-d25e-56e5-b856-a9c69bd9e907", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0df3d21-0d19-555d-8eb3-742f24ece250", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1eda6668-8d7e-5df8-a3a8-da6edfeb5f4d", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b3a30c1-b7ca-55ee-b9b1-92dd70f312c2", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fdeec97e-065f-50de-981d-fe3006bc1e50", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4bade0e9-3552-5661-8e73-bd59a6f0949d", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4406dc3-ebd5-5ed4-a93a-5a3357722ba8", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:928331d3-aa44-5d54-94fb-a0c0d291774f", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b47f276a-f7e7-5604-83bb-93dab941e213", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f1b9b99-f143-54f8-8d7b-42d8cbe17966", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2674afe8-6826-578a-ad12-8bdf610f613c", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d3044b1f-c8e7-59fd-b1d0-7cbb4a61b27d", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8c9fcd2f-04fd-50cd-8bf9-52a5af2ab8c8", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:738cc31a-1255-528f-a8aa-6f1a7cce30a4", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f3111ab6-b609-51ea-8a69-bd1c28d97c47", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d036dc8b-83c4-5bfd-9c75-4f35988405a4", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:628887b0-5a96-56af-83a9-19c360f16c90", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25a3ebb7-51a8-573d-81b7-339a31051ca3", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:83f1324b-f127-5049-b320-fe634833081e", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b476a9b6-0083-59ff-862f-b2ead2b2a178", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0e4e3d9-6db7-52e7-bb7e-c54fa37aded2", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:70f6735d-8618-5a6d-9508-185c18909a06", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3136aa98-9c10-5f25-b831-6625c7c01431", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:942f7e1c-1692-50d9-b29e-4b75f570f474", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3eed959e-ab24-5d8f-bf15-4522d643ce16", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.3 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.87-tuxcare.3" } ] }