{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f8c6131b-f624-50f8-90b3-65edd4390249", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-juli", "version": "9.0.46-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:58009805-1768-54ce-ac35-56eef27d017b", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ed14324-adb2-541d-a576-cc5dd536b66d", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f9e999d4-6d77-5d5b-84b9-38d5af88c956", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:61d44fe4-3a8c-5d46-b0d8-475059dc7521", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:987c4aa6-66a2-5a06-bf16-6387be8b97de", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba977c8d-f312-5ec8-8f84-a0eccba770f6", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b2ac970f-0462-52b8-be92-cd28ece9b8bf", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:131800ed-ff8c-55b3-ad8b-e0336702f97d", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8758b7fa-cf81-5586-8310-4f03a0a08738", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f83a29ec-9caa-5615-827b-b58d6ee07b93", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c30f43d8-aa7f-5f20-9f9d-6ee5f0777ed2", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eaca9e73-ddb9-537e-adbb-87ea289a26ea", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6bd6d3a0-e11a-5d5c-8a1e-010d2a7bf096", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5d2c96a9-c938-5247-a590-302670a5df61", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dc4fe169-1f02-5ec4-b58c-fbfacf5aa623", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea17aa69-88a6-516f-b63b-7c69d50e1ece", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42b90eee-04cd-5498-8af1-827017390935", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4277786a-2ee3-5f2c-a1f4-5170cc62c435", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:334905c6-3580-560e-b3f2-7ab23525e9c5", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a104a9b-0211-5c23-90ed-1d59eb7e172d", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:672f6fc9-68ec-588e-8a8b-c44247a62b02", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:59d75962-720d-5d9f-903d-ea4e773630d7", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f3d12aaa-98ee-5fab-a616-2d51c0341543", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0bd01d43-5bb9-5083-a440-d674665af4b5", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e48e8c3d-c8d9-5b2e-a607-dcdee3a7a5ec", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31a8fb18-4849-5b5c-8c00-4067060afa98", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d41b2ef9-3c00-55b5-abaa-37a7e90b7b23", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:22e728e7-6298-52ba-8b19-0cb87fe725ed", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eabd21d7-651c-567b-b161-1660e9492638", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a7aeb6f-3a77-54e9-9734-ee10b8f91247", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2babea3f-5bac-501a-80ba-38c1b2c76837", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:853bd175-53f2-58a7-a1f7-1c5b6a1e71d2", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:787a7e18-b2d4-5848-8a29-79b52999855e", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:223922da-ddbb-52c5-82b5-aa1caf773d8c", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d6d41f0-044e-5578-aa4a-f161b8b62b94", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:adcbbbe2-3caa-5c72-ac36-b2f62476e9d8", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be808196-aacc-578d-82c6-36da03fab267", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e3eac6eb-6bd7-5158-95cd-d206efebbdca", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5bc385c1-b9ad-5c1d-9b99-6f105c2a6b09", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:332986b2-ab07-518c-a3ef-9fe963e4c871", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2cf82f42-b9d7-54aa-bf36-117b1b726062", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aace8d31-8ad1-5aeb-aa2a-2d5729d26580", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a6c1f1f2-f86b-5e66-8e6c-8d96e21f6e5a", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4611086d-5abc-5a02-b84b-3da93573a53c", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:de8d7174-a8af-5f0d-81d5-008b0348bf42", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fdf1f39b-af1e-5162-acf1-2dea706bd40c", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4f1fca69-ff80-5291-87d0-fe1215d392b7", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dae4b289-ab1b-5296-a3ca-802f49772195", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8d6740e6-94a3-555f-a53d-db5bac1f243e", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0e1855cd-6b07-571a-8b65-e188c432e83c", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04195140-d6fc-575f-a0aa-c8930ababd59", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.3" } ] }