{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:551cb3f6-0b70-5342-a9cd-edabbda8607e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-juli", "version": "9.0.46-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8fbdd931-30e7-587f-ba77-d7bcb6498ef3", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9077323f-9dd7-5929-b105-0dea1b041c67", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:649745ff-a30c-5dc6-993f-0f2f5115ed38", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd3e4fd2-7f14-56b0-8f73-e677e209e04e", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbb6c644-a1ea-592c-8a60-6a998849aac7", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac54d14e-e11f-53a3-aff1-d9acf0219a32", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e722c81-12ce-5ec1-af0a-47e9d20bbbc5", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4581a298-9313-5ce1-839d-9563434641c2", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4713a4eb-db90-5934-9667-f1c6b95711eb", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5dbaba77-0d1b-56bd-9e0f-ee9dbe15b8c3", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:caab6ce3-2c50-5532-8bac-616b29bf7b4e", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:526bcad7-72f2-5a2b-9405-aa017331bf81", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e52ee3f2-2798-58dc-8d9d-dbaefb3b3661", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49a28f88-4ced-55b3-ab91-53d90725f32a", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c152309e-37fe-5cd3-bd15-40b3882fd1c5", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93ce28f1-7af5-5bed-80dc-e29f10942abd", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e7d17f4-0a3f-592f-a863-25974243b55e", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c023fdd7-e58f-538f-ab03-8a259646c2d8", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e16d2f73-ec9f-58fc-8e8d-aa79de4f4262", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:efd3ba28-e5c5-55f8-985d-f1eae579dfc0", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9d7bd2d-67d1-5b0a-88aa-6fcde9825667", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14730f12-d029-5734-870e-69cc1c2cc14f", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b24d0862-0b57-5e20-a32f-69f71b4cf0af", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e12c8f91-0a4c-57e8-89cc-3b01383d0ce1", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a03fb01a-bb56-52bc-adf8-fb972568ebb4", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78efaac4-a7fc-5eab-907c-27ebfbc1c2de", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd81f11f-da81-5f6b-827f-cf4771f89a1c", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd2f0798-6424-54a2-98f4-1be2e06aae04", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d113317b-d497-5b96-929a-22d8a2499d61", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:243386c0-9d8e-5df1-92fc-9fb872cd1d3e", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d45aeefd-2d5e-50d4-964f-01bdbf05739e", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7472c25-8737-52f3-82e1-d39fa3fcd199", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92389398-5430-564b-9a5b-15d8a6b3b350", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c15adebb-d231-5aea-a469-b8048263130e", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f6f2a0a-90a3-571a-a7c9-588bbb0e054d", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14e390d4-12cf-5fc0-9261-ac1b093fffa1", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6dc0e033-761a-5917-b9bb-58aa5bcddc6c", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de51718f-9c9d-57e1-8376-22231e51d5d7", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c41a205f-1300-5f20-bb91-95486ca367a6", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b20b2f0-a9d2-557c-b6fb-25077c77ded7", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6eda710-02dc-5811-9f23-2de7f0f579bd", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5f3fa54-f658-57ba-bec4-be69566a2c08", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:396e14e0-5d4b-5254-be7f-3b546574dde8", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94e017c0-ff78-5734-8b6e-09670c3e8513", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:261a2f50-bd5f-591d-ad72-73a19867cf76", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:279b4786-5686-5d57-92ae-ef2501ee2b46", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88d5438e-822f-55c7-9a0a-c1bd84c87917", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1636172-7725-5678-92eb-cc5b77d7ee20", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d219501a-3183-515c-9739-b6eb1ac4c045", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52915aa6-3343-50eb-a497-9b9f94ded8c1", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5bfbf06-bb48-5435-83f7-f34c4dd1717a", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.1" } ] }