{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:76c320c4-8cac-5b20-9c31-21342d38e9a3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jaspic-api", "version": "9.0.87-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:80913367-b851-5a39-94f8-89dbca521325", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3e029ad2-0cc5-5eba-83af-7d42dab3935a", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4b7fd9ec-b53b-5240-99c2-b540e7627a48", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a049ee86-94c1-580f-8273-f56103c1573d", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:19db2c9d-02d6-5c95-9a72-983a5096a688", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2704fa20-4911-5c3a-bb0f-612670c86e12", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:52eade19-7dd0-5c5d-b630-4b445b174629", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f1b6a81d-f319-543b-b921-c042579c4f8f", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8f2cfaa2-1036-556c-b1c0-518bbe87859c", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d5811990-82fb-5333-819e-b60833e8674f", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9b4818cd-53be-5403-9ecd-7439e297832e", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9d373dcc-0da7-5dc6-865e-b4065173163c", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:077e06dc-e778-59de-a235-898d771dc1da", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5e759717-90ce-5266-8076-c84dcb82443e", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7c4a9bb9-0b60-58d9-901d-803ac262c125", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:56483d6a-747a-5f37-8368-c47e5fba0992", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4bc2e723-cc1f-50d4-bb18-adf2d78d4086", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:204898e2-23f6-56bc-8df1-ef2b8c5e1dd9", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8ceff283-3eea-5027-9c81-6f818ae9b9fa", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:54492c81-b958-55c7-9728-43143b81a712", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:30bc7f3b-2279-5c25-aa77-8161152200b8", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c3ca72f2-c04d-5536-8b9b-a7f7de4e1600", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ee1ea5db-cfe3-5b2a-98f7-2cb2e4d913d2", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0cf4f026-c7ab-5405-813f-14923442042a", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b87aadd2-35b4-5f90-905c-5e6dde6ad84c", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c0bf9715-f825-59d6-9ca5-e7576fad1ef1", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d6411cd0-0736-5c7b-b40f-8ce20c0c18c6", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2fc41456-2029-52de-aca6-05df4928101d", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d0b8f2a4-eee7-5fa5-b7a1-2700d841f45b", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cce866fb-2768-5f8b-bd90-14838e343f93", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:77eeda68-716f-5171-a37a-41504dfa00c0", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:44d02a2a-374d-59c8-9020-62a0af7628f7", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a8e0d331-2bc8-54ec-8da1-659ad21cb50a", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6561ccc8-3548-531e-96c5-b9d49aedbbd1", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b761768e-90d5-5450-9f22-b6544431ea97", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c49a844e-4c07-5c51-8aba-125fc0520efd", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7d060863-6d18-5b69-a8b7-613eebc7a19e", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:544a5dae-c0dd-5d94-9288-8a40c07415b3", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:79bc1784-3482-50fa-92a4-e376f7484868", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f68fe605-a818-5340-8573-7b63761215e6", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:634494d6-385e-51b4-b6dc-a87fd8d4015f", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.87-tuxcare.5" } ] }