{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b80c6c05-70d8-5496-9ab6-c6593da333b7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jaspic-api", "version": "9.0.87-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:711e89c2-fa8a-541d-8bbe-65a5fafba174", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e538b24-f05d-589a-a0d0-4bad8e2c9163", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1c0300e-411e-59f8-8197-4a30ca3339d4", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77c3dc22-e6d3-5e90-af1f-44aefe4d7e7c", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34474b24-bba3-5fbb-9262-beab5f04b22c", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24638a95-03a0-5cfb-9930-d3ca07f4b22c", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37cf2d21-9495-58b4-a2c3-5c59c3e20dae", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:295102f2-d848-5404-967f-4b2be2417f51", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0faabba2-7524-558a-9e25-5ce0bcb79256", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc7e3634-7609-51d9-beb3-d36ae219cc87", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ccb9776d-112e-51bd-8c9c-bd667d1387be", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f015a096-fa52-5c2a-bc2a-58ffcb67713c", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fba0dfaa-19f3-5d4f-a798-10fa8b5a2566", "id": "CVE-2024-50379", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-50379 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83b3b191-7b05-5599-86c5-a1611bd2d826", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:340e915f-9966-527e-99ac-d7afb4916f81", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:858d3466-9623-5991-adff-f1cf27d30395", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9ebcba7-14a8-54b9-91fc-3283819891b7", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:856c0056-9079-57c3-9deb-0674e431620f", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4d98884-b5ab-5119-9b7c-352eb6f24c83", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f39011b-b60b-5f86-8d28-8dacc0642d05", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b194fecb-73b9-5713-a1c1-156764442028", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31bbec86-39bb-5d8c-90de-5a47a025a474", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec6ff5cf-b140-5201-bb63-26aa073da8a2", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4f7346f-5c25-5fd6-9cba-447ba8c57a84", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87894980-042b-5a7c-8c4d-7467b7902aac", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:859e9baa-c1bc-5fd3-8a24-effe9d0c5205", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2ce16b0-ddcc-51bb-9ea9-8b98d7265e3f", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9fe3defa-e0fb-56ec-8798-ad308e68d4d8", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94a3bd41-2ab9-5ec1-8853-75c2b3b0ef2b", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67dafc60-0bfd-52dd-80b0-0c8fb1127a14", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ebc5db1e-67a4-51d0-b40b-9d2a70528e40", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d887b96f-d577-53d2-b40e-0d69ec10e8eb", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c45c31f-859b-57f6-aaae-5fe4d4bc67b3", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:912c136b-d550-5d0e-9770-c3bdfd887460", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c8cc6cc-8cbf-53b1-9f18-57c6d3d2611e", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1944ab0e-4647-561f-b31b-b4b660179f48", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d366d7a-11b8-5d58-860a-84ccb084072a", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b60194f-9515-5191-afac-94aeae21f1e0", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c790bd09-e925-530e-9143-5e8ff72d569b", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1655e777-6772-590f-a57d-144da64807d3", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ec1af66-4502-56ea-a95c-a230d2af02ac", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.1" } ] }