{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6982eac8-b066-5dec-954b-43097d1d4717", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jni", "version": "9.0.90-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a7480f31-d94d-5e4c-a8f4-fcc3ef22dc30", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ac89bb67-230f-5817-ab3b-0f4dcf91f7be", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:807ba347-f6ea-5017-a136-569b3b80d7a6", "id": "CVE-2020-13943", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c536345b-44d5-5b44-88ab-b0f6f9b327bb", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cf2ffac6-2659-55c2-b5c3-b134ec4f713a", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:558bf021-5d88-54be-b1c2-252a42288da3", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:eeef8b72-ec22-5cad-8a59-57228c8e7c7a", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b5c6208b-58d3-5884-889c-951d03be3414", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:41ffb3b3-3976-59fb-a634-217b18c2e907", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8bb557d0-4a0e-5611-aac8-132f1818d68e", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0123e169-a5fd-5366-844c-ba30d99c359b", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:370813d6-9801-57a2-9ec5-9c3a51287141", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:213d9d04-56d8-527e-83d9-bfb3886d6b08", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:03745a38-120b-5426-b323-7ef347ec01cf", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a832a1f7-1d79-53bd-89f1-3415974543d7", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:757b8192-b785-5444-9e91-92d4fe1dd103", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3f3bff77-c7a2-5815-8729-a5b1dbb2addf", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:386c409f-cc46-56f9-926a-612f75788246", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3854d82f-e596-553d-a06c-279398664a15", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9eac91a5-fa87-5dae-b065-4d0171a01823", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b3dcb8ce-6119-5aa2-85df-45d3542ac127", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d6a67456-1888-5a31-9c76-27313345b995", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8169f9b9-9351-5e03-88c7-211c940b2eab", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7dbeb262-294e-5331-be65-b934c56ca02b", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7381ab3d-0dc6-5b2a-a4e0-c71c7a5b0b87", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a4867d46-a8ee-5bab-9c4e-3b2e280fe06f", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c87f8080-7304-5d33-bcd8-ea2df919ccd3", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2fb7bc02-6a91-5fe9-a28b-f08324977996", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fd08cbf0-88e6-5f08-9e34-b1ca967e5006", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0e9a8725-4830-5828-b84a-5ddf17c3c202", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2d9bd5f5-a11f-561f-9644-0882877f5b04", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:17434011-b0bd-522f-b120-3f3433e30506", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:db40a8ad-5eae-5a68-bd2b-f21d0e9d56af", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:96e0f27b-a1ba-5c05-a4be-019a1449f191", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3177baf6-5af9-512c-b12a-9dfd94af820a", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:df098972-5877-5b28-8909-99dffc9eea16", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d99368a8-1fc9-5217-97c8-4e22e5018b30", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9cdbae58-0f4f-5b12-b105-d1ba3c8fe7ee", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cd8f4c83-8e41-5f9e-8b07-d4a1890aa7cb", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.90-tuxcare.6 of org.apache.tomcat:tomcat-jni." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jni@9.0.90-tuxcare.6" } ] }