{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:67fe75e5-eaa2-5aa5-a236-c7af8fe853d3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jni", "version": "9.0.46-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c50f766e-534a-57ca-8410-b5d3782b9d19", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fd16a2af-acf0-5cf7-8c04-7ad7b61265bf", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0347057-58cc-534e-a092-d85c296bb1f2", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b991cd9-2d2d-5ee2-b6bf-d81675338627", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8e09500-31fc-58a6-b599-e2cadd12cf96", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4f21feb-71a0-5ad5-b1bd-d856666f8698", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1f73bfda-8890-5332-aedc-83c5e4546f29", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56de2edf-a4b2-5205-bcbd-a4daaecaec67", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:951d0f0c-c5cf-5079-9389-e9e103ef9c99", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5bf1d95e-58c2-5be1-be1e-672c2fc6ba19", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9065a42-841b-5190-a352-c4646e6ceaaa", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:07b489bf-41dc-53fb-9697-455847315b40", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:90965756-f2b1-55c5-80df-2be323692c7b", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e677ebd6-7bd7-5eb7-9b5e-485dea1457da", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5095c271-e28f-530d-bf96-b60d97a7f8e7", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b407db9e-d22f-5fc4-beac-528603ad74bc", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9af1d0b7-fbf3-569f-8a42-51f4513a4af9", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c83b4c9f-deab-58d8-8f43-8d8de8e4df26", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11eb79dd-6e68-571a-b86f-96777c2502bf", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c4dfcbdc-ed1d-5131-bbc8-0f791c9408ce", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:845697a0-f1d6-5e6c-b775-04baba96563a", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:14067021-27a8-56b4-8940-9f4bf638def7", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d95ce85-2c16-51e8-8459-e817e8b2a96f", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db0efcb4-925b-5d4c-bb12-e84070d0dcd7", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7122ecd5-bdbe-52e1-a0c6-5a77ac12c484", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63902ab2-1208-55ba-b8ba-e709e8cdc7cf", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c2615b20-52e5-5c74-93fb-a3ede3a878f6", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8e076ceb-d7dd-58ed-ad46-8e7c71cdbbf8", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:83fe7de0-98a3-59d0-8eef-d4367e682a6d", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9aabe0b9-a789-5f40-872f-ccbaaab618d6", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75885f59-f2e6-5fdd-9c0a-6145e86fd9f6", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78c170af-b72b-58ed-8370-755d396d313c", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:baf259fe-0b03-54d2-9d66-6be805978906", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:576e34fd-20e5-56cc-a619-82f9e0ac0e00", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b596c4f5-01c2-558f-8a05-412f91bbbb16", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1fd72927-e945-5450-b772-f4decaaf9e00", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:59f1aa75-7855-57b0-9099-e3c95c57571d", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ebdcb48c-f19c-579a-a9d5-fb7fa6b80ffa", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:057da041-d5b5-568a-9370-06ef6dd59a04", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:717e1f64-e54b-5a57-9ddd-8c1b69fe7347", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04ff2fee-5cc2-5ad8-981d-8cf786db3fe9", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aede0103-7902-5b04-95db-0f2f77293cbc", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b87c8eb5-027f-51f2-8a38-66b562db79bb", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8892eae8-f571-53a1-a09c-7fd3e6941cf1", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ad71a9c-28ca-5df2-9d95-e8a33c1136e3", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fadd1bec-49fa-5c4e-9c1a-be32de352a37", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56691929-356c-5abf-ba95-c14d1c4a835d", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb2a0db3-f4f4-5aea-a58a-d20e4a8ccb1a", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d4b3f2f5-bb21-5342-875f-df56fe695671", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ddcc5dd-bb43-5079-a416-8e4a46f879d6", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e54ffb91-8a9a-5099-9b50-4746da281706", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.46-tuxcare.3" } ] }