{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e3b102fc-21a6-5e35-bde4-e7460390bc6e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jni", "version": "9.0.90-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f245fc07-c588-52f0-a9cb-29e9c0c9c565", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:83a5f6fb-a46a-58da-8cbc-39d3f879dc41", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:952ab9d6-b581-5420-badd-c364b145b8b5", "id": "CVE-2020-13943", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:56c0d9cc-ef38-5ba8-8797-f9ba4592faad", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8597d0c3-c008-59a0-a151-495d6ba6596b", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4c61fffa-e88c-5307-af04-c4d12a93dde4", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6fb875d8-c4d7-5085-9bf7-37f3a96af6c3", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f5e192e6-6381-5b49-9c69-01cf98302ddc", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:532f76ad-ae39-5318-a772-b915a42d4ad6", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:93d930ca-cbdf-5c42-b91f-6510e6f7ef3e", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e71f09dd-3633-5881-ba45-dbd5b65fc8e6", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8f6bef86-d220-597b-91c8-1dc2156536a4", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f381fc72-aa06-5d8c-a318-917f7cfeba01", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6f4f6e65-b4d1-5d5b-be0e-d9b4d2237da3", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9e60e0f0-954c-532a-ae12-50128ade1672", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4cca1cd0-7f01-54d3-badc-382f0e648601", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0a8570a4-1a16-51fb-b2f0-e7417de7aa40", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:42d48f9c-b9aa-5efc-ba0e-2cdbb9e73c82", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dd2e4ead-b478-5506-8f09-d09d0bf4d583", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:74ded18b-63cb-5a97-a634-613d4f17828b", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3b9c88d2-9dc7-593b-b80e-d26eb7ea6650", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:42c34299-7d42-54f6-921b-16290f5a6586", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6c100910-617a-5f56-a2c5-c082c95e8c31", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:62bc4a67-4d80-594d-a41c-bbaaf2726e9c", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:526335e5-711c-508c-af57-0822654f2dfc", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c9c08fe7-b5d5-5cb5-b6ee-1c6fae177b53", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:05e8461e-7147-5230-9cb2-96e13f3b6c29", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a440aa71-9167-5fb7-bc89-c26cb973d119", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:53da7398-2285-520d-a44f-77177c29b17f", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af2ba285-4e67-5f57-bf14-207f0472bd14", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b7ffedef-e860-589e-81df-97db5f18d591", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cd8d1d1e-be3d-5367-b5cd-96b9b84c33c3", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:52f4232f-5e25-5286-8558-7bf1fff42d78", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:67d55fe6-7ab4-5098-a645-41b1ecb1835b", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6d9d8f3e-783f-5546-9274-1a3c2daec0a0", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a092e536-405f-5cc9-9210-d802b778ae53", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d83743a0-5af2-5fcf-a773-c1d3e4f58e86", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f5601428-a704-58af-8d1b-ae20f7ed347a", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fdaed50e-ad1f-5704-9d02-1b6f8e67a0e9", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.5" } ] }