{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:62ee505f-ea1f-58da-893a-1d4f362b4924", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jaspic-api", "version": "9.0.75-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ba003bea-f124-5b0d-b656-973eb1cb9aa9", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58084f1a-cfbf-54eb-aeea-1ce06493598d", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58de9455-a4ca-596a-94c1-96de587494d4", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f69b5bb1-e6ba-5359-99c5-872278bafef2", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c21dfe7-1335-598d-8008-cd0f6131fe6f", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76609937-71da-58a8-8cc6-ccaf62cc6f3c", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85966def-81a4-5554-9c6b-a3a150e27b33", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8612e775-61e4-5787-be13-750699da8f6f", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b1f2ac1-3909-5ca5-accb-e3d3414ebdb5", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a13a8b71-560c-5677-85ca-2560d7742719", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95e1aa4e-1c93-5f82-9543-1094847f8ce0", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93979ef5-1902-5a98-9026-e04f31c3ff1d", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3452d8b1-86e1-5610-b52b-22be32e8c183", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:565dead3-9c49-57d0-9b82-15f5a10bf573", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da95efe3-5cfb-5685-aad5-67091b441806", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd2fe877-6bc7-5bcd-8b8b-de6734d93883", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb91421a-8559-5cca-bb40-b51224f75a28", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5c2bd73-071f-55a0-a3d4-2fb3ebf3a05c", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1a3edff-4574-592a-a34a-255c1f8f6f9f", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b4f6805-44af-5206-8d1c-cdbf93b7627b", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3673722a-b250-51bd-9951-b751ae27c613", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2af8d2c5-0668-57fe-9a06-e643909d25da", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49ff7ba3-2259-5cca-8de2-fa1937aeaa84", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18b2e797-7fd5-509e-ac79-80525d80678b", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99d42b67-8807-5449-985b-6cbda64d12e5", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48435205-1d8a-5985-9c1c-b936b2e38a87", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86d01571-aaf1-534d-934f-1c963109aefc", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c6ec048-a73f-5f84-8822-d00c62e497cb", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f183da04-cb19-5fe6-93b3-15727880d6e1", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6d83096-38ef-526b-8170-b8f85b3ebfdd", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7683532-edf8-597a-b679-566b7a179a6f", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f80809a3-cee4-53f2-8cb8-c5636393dd8d", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a48e9f9-ab01-5a5f-8ca8-a9afa35a70cd", "id": "CVE-2025-53506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-53506 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3b417d0-5756-50f9-9681-c8a38bd35939", "id": "CVE-2025-55668", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55668 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1257590-bcd4-5b14-bf5b-b92a088a971c", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4246e659-5d79-507e-89a0-b27d01d27236", "id": "CVE-2025-55754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55754 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9056e946-0911-5479-94f4-024593955b70", "id": "CVE-2025-61795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-61795 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89ece468-bffe-5a84-bdc7-1b95b117f646", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8cb2aff7-0cbe-5ce7-bb43-fb6aa4423d4f", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cfca90f1-c5d9-5765-87d2-7e0bace5f552", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2da32284-aac3-5b7a-a22a-779d6b98406e", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1593ff1-59f2-51b9-9c36-ba0088068d50", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03427ed7-fd48-57a7-8f05-0113ff792970", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd3d8501-138c-563e-b1c0-84b4b8d62084", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:346e7dcf-cb31-5055-bb81-150804013ea1", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.75-tuxcare.1" } ] }