{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:70fccc64-7192-5b5c-a467-2c363f66ef12", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jni", "version": "9.0.50-tuxcare.7", "purl": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b24859e2-836e-52ce-b73f-7ff2558f8551", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d8eaf8ec-f7b6-569b-a7a3-44bd399e740c", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9cb9ad3d-a8bc-5ba5-aefe-d23d66b8fdd1", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:794433ae-710b-5559-bb88-dd08a212d136", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2a7abdb4-1dcc-5dec-9a17-fabf06a359d0", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:21811cf4-31ff-574c-aa07-b5c71e47c0d6", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1e402e06-54e2-5049-89e5-3e2a2606664c", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d3f16709-2f25-5613-b69c-d87e51859d5b", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ea483e69-b0cf-5e02-91f1-3377a9fe8fae", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a6b4e9b3-8662-56ec-8a61-31bb4ecc368b", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:42c166d5-1f5f-51da-8e97-42b5ff5771c2", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:03dc6384-6e96-5047-9ea0-8506394afdf6", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ec26bd19-f77d-59d2-b046-5df7551bcf49", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:85b1a7e5-553a-5bd9-8f84-2143a75383de", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4ae9a4cb-58a9-5c1a-80b5-7ac2a002f643", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cf1c66ae-36db-5d8f-8df0-f9554ec382a3", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4a11944e-4428-5211-ad6b-9be91ceb76a7", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:20516c9b-9611-5870-9af8-c934eb061830", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:148da5b1-152d-5a94-b065-75179350d4f3", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5334c3b6-51d1-5153-8535-4c8066067860", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1a3d466f-cbf1-597f-b39f-00aede5f8aef", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:44120a4a-8489-52dc-a44b-42ce1bff37ab", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:49d909af-a2b8-55d1-9125-6e24bd4cb90c", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8d872d9a-9500-58ad-a35d-9d681eba0b79", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:78f8d21f-1905-5b2c-ac7b-9c686a7c3e5e", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2bb15fee-2994-5d11-9553-fc29e622238b", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f41b47a4-a529-513a-b2c3-6b239b47f582", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:58f557b1-f438-5450-9314-4d92107c4832", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d35a4875-fb12-5c00-8b7c-f5de38073d9e", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:98f88116-dbee-5a7e-8e4e-4d7c6e6ada76", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:92ab0f1a-cbae-505a-b065-c82f36cdc9a2", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ed48287b-9fb3-5419-b07a-dcc5c15e2a5b", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3dc1ad36-3851-576f-ab1a-cd123fe0f8a7", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c09d8dac-b7ca-513b-a830-8931d60c11ee", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ee977df2-e664-5ff6-8418-00fe6328f02d", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4c18e3cf-d471-5e9c-a1a1-ecf14af30ea0", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4ea8f085-0e6b-56bd-b3c6-e43a7bedccf0", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9352b4c8-6c36-5eca-87f2-6128d937b055", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2e927859-50c4-5a3d-a2c3-1545eb79d81d", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5561f358-1752-5b91-ab60-6df188fd1341", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3faac948-adcf-5f6e-a58b-2503319110b1", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1dfd4453-a383-51a9-a2d9-502fa23f0244", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:83f11247-24dd-5a01-91c5-7613e55b4544", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b265d792-cd8d-581f-979a-9112111e5ed6", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:deef3e04-34a4-519f-9db4-d75a18187938", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0329930c-7b58-5596-90aa-4bfe17cab677", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:acf2bc85-ea46-56d8-bb60-8892f1412c8f", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:efebdec0-2958-51f1-8899-40a68fa2e4db", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:79b1ba72-0ea4-5135-8dae-7f29244c2364", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f1a04c5e-45ba-5ed9-8c70-1d27d5da1e59", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.50-tuxcare.7" } ] }