{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eadb5571-4769-500f-afe3-c034367260ee", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jni", "version": "9.0.50-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4297ed0f-8f6b-5cae-bff9-c89738a04514", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a8ad2334-1613-51cd-ab96-3908bbf10893", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b042f30-1f82-52e9-ba9a-dfddb4e3b629", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:06ee2529-a01c-5207-86b5-2ea3c1f5b8ce", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:658d3fbe-aaa9-5d03-aa1b-bb7c04c3b220", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:03b3726d-35db-5491-b7db-89ca601dc3ef", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:48180d80-274f-5ff4-b2de-3b60d41f3b69", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89d12fd3-fb84-53d3-8496-adc25436ae27", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4a814db-30d6-5d82-87b3-d6a0c39b6b13", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a3984da8-e01d-5814-8deb-03b014ac21a0", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f628460-3c44-51a2-8b71-090cfbf8baef", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6698415-f9c5-51f0-a1ea-72f40c5fcd77", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d519dfb-aecc-5d19-a532-713c59c41a5d", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e598e23-4091-56a3-a78c-505dd9806a99", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:86020c97-99f7-5e88-a3dd-a3553b56337f", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8027226b-c1af-503f-ad34-e75116f0f3b9", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f289ec65-6355-535d-99ff-2e0e567f7f84", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df279b37-962b-538e-b0f3-5e71febe28eb", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:896b858b-24d5-5397-9de7-67de31d96cd1", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63fad76e-cdb1-5a4c-a32a-3c26fd958281", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10889938-2556-503c-a0ba-58ae588ec40a", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d180894-6662-5859-8822-d20acaba7843", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bff08826-912a-543a-ace2-c601183be268", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ef63d34-7409-5494-8a67-8fd8a8e6d7ac", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10ee706a-31ba-5941-9156-0263bb5e16bb", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f56f0ee-127d-5557-afda-fe70d9ddf7ce", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:58d216d7-7fbf-5787-b94e-51975f478ebc", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3e8b5fd2-84c0-5f6c-9da4-14ba46fb3426", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe73efc8-2656-5ade-88fb-ae881ddacd01", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3cb4c610-034c-50b6-ae4e-907c160599e5", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:87aaa089-32b1-5114-b2e8-4647c30809b3", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17081f7b-b1fc-55df-badf-ae9b8fa7074c", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:295bece3-575b-58e8-86f3-2de16a6db5d1", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0087245-b295-5311-861b-327e1392657b", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b89409d9-f3d7-580d-875b-d67b71a785ce", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af647e9f-86b4-5ee9-a4fb-90d63badeee5", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34a72712-2d71-5b0d-af80-256636734264", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25e390b8-6127-5d06-814d-d2011742afe9", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9835df7a-ff5f-5095-ac07-951a00766785", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ddba3078-3623-5369-98d6-bb5eb55c464e", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1bb6be66-1779-5407-b4cf-d4dd1ad237ec", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc2a639b-774f-5021-9e57-cc105b189eef", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d8915f2-cb12-5e05-9b64-84453b76a731", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:26013bb6-7451-5381-bf2b-ef0be6ba3778", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3e01f4f8-5f0d-5b43-a7d7-0d4dd763d56b", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75c1ab92-515e-521c-8b70-449b8c406ee9", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1dc2e789-8022-58e8-9ff6-2c5a6d5f6dc3", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fdf70ac2-e265-555d-bbca-71f1f2f5e7ce", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6785ee6-4a03-5b3f-98cb-fb5d40e029d6", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c07a2a43-e87c-5e0c-af7e-15d12899dc59", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.3" } ] }