{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:24c25d06-9e91-52e9-b6d4-e4e1fbe3bf3f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-juli", "version": "9.0.100-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2bc04309-d016-53e3-ba23-35f6680df52d", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf69042d-6e21-5a88-bf8e-d3994c805286", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92612d61-1bb1-5f3c-bd95-7031b2359a96", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a923b140-d5f3-597f-8d9c-5809f3629542", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f688d929-7e56-5e03-ad1c-80d2149ae504", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c45a991-9fcc-5675-a472-d3910ff5865e", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:513c9ad4-eac5-5798-858e-4777d17f967f", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a875e496-4df8-5adc-96ca-0cee6cb1357a", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d7bd55a-da4e-572e-ad8e-82215b6fc4e0", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c16c0f1-4dd0-5efe-9e96-20a3d4d42526", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e937d91-b98a-565d-a986-8d644bbb8f99", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e4e2928-3a9b-50aa-ad54-8a1407becf08", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4cc08220-c72b-52d1-b43e-25fa8890351b", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f64fd794-d435-5ac2-b18f-aa78b594ab7b", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:227a5afb-d5b2-518e-80fd-d35f2dfa28b7", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59d9c308-7e73-5700-b878-78967dc6a677", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9941df3-b677-5861-ac37-d2cdf34dcc50", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ec2e92b-2295-5eb5-8472-c4ccb196fb41", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca284937-9e5b-57ab-b653-c668fefade7d", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9cd89015-5772-5cf0-9b38-f4159bb5aadc", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ab8b5f2-187e-5914-87d4-a75e430738fd", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96efb732-60f4-543c-8ce3-a0d2c486563b", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce3d9ea1-7300-5264-ae08-e9d9b3bd0fd2", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e69e57cf-479c-5cd7-af2d-1aebdd020940", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9754f98-6339-55dd-8da1-9eb99a04f590", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b4d2f51-bbee-51b1-991b-87758886745b", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c3e30ab-fad4-59e7-930d-1f8d072b963f", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21540fac-72ad-5a0a-afbc-2fd5a2898cc4", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:474c61a7-0f69-5898-b683-e594b2e96a3c", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2fb76b81-723b-53cc-bc3e-de21abf257d3", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6440f7e1-eab2-5cd7-be1a-ae2ed2e58887", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42375bc9-ba94-5e50-b8c3-84b675318978", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b09f8fc5-6a14-5e74-9fc5-e54f6b5cf2d5", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:babe014f-32d4-54ab-b1be-fdc45a8f719f", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c2e6af0-d0fd-5f68-ac32-b0da90098331", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b26e2ee6-e308-5dbd-bba3-63f405992d8f", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.100-tuxcare.1" } ] }