{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:14f42929-f512-507e-bc7f-993e7e6cda4d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-juli", "version": "9.0.46-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:35f2dcf7-c034-59b6-a87d-23de08402f57", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0003a90-6319-5df5-ac51-d5c0ac62a375", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4879921a-467b-562a-8844-5a42afcb1416", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3cc82b4-2ff6-5f17-908c-0b934b13bff2", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2351fa0-a16e-55d5-bce4-948dffe6cd5b", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3cc2c45-617e-537c-a394-cf454c65591f", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ceea6f16-af9e-52e1-bc72-2ca68bb81795", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09f271f8-84c9-5d23-a44e-251a1d83181a", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b5bc2e8-df32-5a7a-9c69-808927910cac", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71a5c628-da67-5672-a7b2-dc58b3940b79", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c128caf-932c-5bd3-871c-16efee745d77", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4eec2621-34fd-5798-a370-f4ff76e42de3", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4d57599-c3e3-52b8-94f5-c276cee00828", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f7f749e-78c7-51f7-873b-dedcafed4700", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2aba4015-d23d-5eb6-86c7-4d76add9245a", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c08ab0f-6705-5928-90ad-51001793c928", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d8bb261-3863-516b-8df3-119cdb16ac28", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a491796b-2528-54c9-83ee-753d645de1d0", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9f02feb-8d58-579d-99d5-1ee76d4bac6e", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:614e34ce-6008-5657-9dfe-7dcc78077d3e", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bb5513a-4ef8-5215-afa8-d8b162568c28", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f545363-45f8-54df-b573-598e8141b446", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:faab1d8a-ab17-5cc2-b61f-58f5c9fab659", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2412fac9-1be4-5028-8a4f-89e0b322a6ff", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd33f2f4-2936-5ef9-9f2b-10fc8c288d63", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f4aed1b3-8292-5760-a54a-1936a49cfad5", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c44e8dc1-dcad-567a-84d4-98c2bca9748a", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9b0a7a3-0609-52a8-a594-adae0feb843a", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ed1770f-138e-5c9a-bea1-214499bb94e7", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f67a4c2f-2b29-5580-8d20-bd367e809101", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1ad149e-2acd-5d48-bbd8-1e07e4163390", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2880e5d-9d06-5792-9ab3-293636ed0247", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07e0eb23-8ac9-5c96-ba64-c3cffe8ba77f", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f6bbd5d-3f9d-57d9-94bf-00112339fddf", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84491cf4-04ee-5177-b18d-859a2941a55b", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f5de5daa-80fc-5942-ae10-358c93fd31b5", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:854c3e19-2072-5ad6-afbf-f6d109c0c86d", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6ff76cb-1b41-5ad2-bbf6-adfe424b063b", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d4a831e-8570-55fa-bffb-fdd0612a295e", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3336754-61e5-5760-9da4-5326bda4d0e0", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77296b08-5e1b-591e-aad2-11ae62d276cb", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c16e634-59ba-5688-81f9-b8f5a5c7e862", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb241969-fd04-539b-8f80-71400931c3d1", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff159e1c-c081-5f22-88c4-8e4dc1d9d98d", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c888f57-62b9-5113-b0a0-91315d2a26fa", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6cbfadb7-102b-5296-b1f4-1a3b1ad54ffe", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61f6f03f-cb75-51b1-b844-d24a95be31cc", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2270538c-e5ae-533d-8102-cd338052011f", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ab198e8-3d6c-5b28-8604-6c4b983687fd", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:893dfa4c-245e-5b12-8492-e5caffd4e0ca", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b35ae8b-94df-5f43-9804-484c6195684d", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.2" } ] }