{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6370cbcf-0b05-5069-b36b-a59ca600a01b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jni", "version": "9.0.46-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9e080978-88f4-57d3-880d-9bbd1d322a43", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ab40ad8-008a-5454-a778-0ba019093d6d", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44bf079e-493e-50ec-9d94-f668db600d3c", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:177609fc-471a-5535-853f-99370a0da260", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:541b4bc4-984e-5690-864d-4c90c628e3fe", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73619844-3f70-5c7a-8183-16cb0e5a267f", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57138d5a-d9d1-591e-97a7-114585f46be5", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d9f1def-2f86-5254-9c0f-c68394db74e3", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eab6499c-07aa-58eb-b563-e1ffae7474f7", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36b9a870-b094-5260-903d-872b09fc2a6c", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26a164dc-39af-5da9-aed3-9fa5a46e709f", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c06ddb0e-2fbf-59ea-97de-17fa193e0609", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d5a6120-3a19-5ba9-958a-c290b294940e", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c17217ea-ffd9-5fbf-acca-ce405bdcfd3e", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91b14d86-4271-5e8c-beaa-6a39b04ebd8f", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:395b36ee-c109-5d3e-ab81-4e2040f4341b", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f85d1e6e-d4c9-5060-a4f7-03e9b62d2f4d", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05b0e23c-6ed8-5817-95ab-968fb6c60896", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d0ee08d-a950-598e-b404-88ad80d17aa3", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5577905-9441-58a6-b874-76b677b3c055", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25a24beb-ed50-5938-8b8c-d2c96c226867", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7bb8a88d-2650-5e68-8fd3-9ede13ca8037", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ad4f6c0-2b37-5e4f-8361-b20032e9497b", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0713b85-0376-53f3-ad8f-f85817b823e1", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f47cd635-7e2f-55b1-9444-10f96fede2f9", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef247c30-30e6-5a49-9155-d34ca0cdafb6", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b71eee3b-6eab-53c9-af89-c2aae105376a", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87cea323-8d3a-52ce-ba01-dabcfc1b28a0", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46ff87b6-5a01-52b2-9e8b-b5b38daacfee", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa5ebc40-3c2d-5cd7-ba28-f2e13fb4038b", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:497ddd27-3c34-5738-9c3f-b050651c1a29", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5527906e-3613-57e0-82cc-2c30269fb9a3", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d6716a6-0ea8-529d-91d5-2b5008916da4", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:641c9239-9b52-5924-8ac2-50bca739ca02", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eae7a20f-2feb-537a-8224-2c9889bcacdb", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e20ea43-924a-539c-b478-cb5aecb3abab", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10ce7d11-b148-5c6f-811d-e1da2b60b4d2", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34edc0b8-016b-5507-a224-c20a9e27426c", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:50b0cf8c-5d45-55f0-9f60-496f162b1968", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34712f3c-0b18-5aca-843e-4f3afe093c4b", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a2f042b-9c1d-5092-9964-536cd59b49aa", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3d07b3a-5fda-5369-ba8c-6246f6a396a1", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24d7a4d2-f3e9-5c1f-bed9-9e7ea53dd4ea", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff4f627a-8799-5820-abbc-da8ef0e7efa6", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:943719f4-e7c4-5048-80c4-c1dfeaac82d5", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83cbcaed-5f1a-5d81-b657-67e945b9c7f7", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5367cf5c-771a-529d-b31f-e02cc26bbb82", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55008a91-d4e9-5be7-8eb0-4b33e571e6ae", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3ce2f68-f43f-5dc2-8691-c6b7919ff1ac", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8b42c7a-d3b2-51e8-8443-28c26867c31c", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d650678-1440-501b-9813-a1b155821ee1", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.2" } ] }