{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:60053d6e-a69b-546b-8e40-31d130e15920", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-juli", "version": "9.0.46-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:93859247-3322-53d0-aa3c-600a859898fd", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e6bf8184-8101-5909-9d40-c143b9f79958", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d846e7fb-37e8-5567-b446-1a2e72ff89b2", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b738a5dc-4171-5eea-b6c0-2dccdb971207", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3fa5f502-c494-53f2-8666-74b189dc54c4", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1fc12f85-8608-5766-838f-4c26def647d5", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:298e1ad0-3084-5b8f-9c91-c65b2e5a8e4c", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0c8b725b-e444-597c-9812-5ac148647a5c", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d7ef996-b27e-598c-95e7-de816f9baba1", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f55eef19-964f-5d2c-9b70-c7ccb5f0e41d", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df282626-94f0-5227-8552-2af77b9a1fbc", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c9839a1a-b207-5235-8ad0-7213cbe78473", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8fcb02b7-9dc2-58f5-893b-b3246ffd4a2b", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:287a0737-9128-525c-9178-44e17dc75ecb", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4c8c3949-3dc0-5aa8-83e8-a3b308cf947f", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab44c2c9-e2ad-53ea-ad8c-0413504b32c2", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac5fcea5-65db-5aa9-b8b5-09ec64e73525", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:126ebe4b-0a7c-5f9f-8864-fdded1ca90e8", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5cb64861-5d3a-57c8-ab84-e48a79a5b99b", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cec3a14f-1a7c-5417-9968-2926721ab150", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:889b923e-ac85-5a9a-a20a-1442134ba83e", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e85da349-7e9f-5dd2-b71f-190077a7d69f", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8ea9d731-c20e-5c3d-83f4-4b6f0a81d0c0", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f69544ae-99e6-51fa-9bf4-d6e25bf9bc61", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:873e183d-2597-5ac3-98d2-a0dc9dc1e9e6", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a24c4130-66f9-5712-bd0a-f1f8ccc48315", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b5e86745-7c35-53c5-9911-a79e68ee8360", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4e0c3db8-a8b9-56b5-9e6b-0a7139544dc0", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1acfb6fe-4f7a-59eb-b926-fa419efb9c65", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0dc03e49-2f12-5a4f-aa13-32f750766a84", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:454f7105-ef12-57af-8682-fffcfebb3589", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f14eb214-dff8-5dcc-b433-60fa92fa6040", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ba7e5c8c-3a54-5742-8c80-1665b360315f", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed1c3d39-253a-5ac7-b4a2-b2f7df33c750", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89d6d2ca-7315-5d8e-8323-9274cfd671a1", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:974dd050-dc40-555d-996d-4e29c07b45db", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:435cf349-447e-5acf-9d2c-ea890827057b", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:faa3be1d-5ef1-573f-aa43-8f7c0b8b4e72", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:33ecaa66-23f2-5133-bdb0-c973af2abe10", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d30280a-9e17-5a20-8e36-11a27b0219ee", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d0bd437-4d5c-5c26-8e4f-4c3e06c8b11d", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:24446a38-45d6-5de1-84ef-b5156067d446", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0fd75c82-71e2-5b0d-8916-cd6cf42d272b", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:34ce10a2-6639-5d9a-90cd-43af8f9b87ca", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f5beca89-8b63-590a-8ebf-813b8a642a5b", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:70f73edd-09b1-578e-9fe3-8877a985ebac", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7dfe35ec-abaa-5b9b-829d-b989faa4bf46", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3bb770bf-3334-54e1-874f-6e18dcf909c5", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f8b25a1f-4920-579b-bc60-170753caff6e", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a7368a95-4bf0-5384-b66e-4b1e352d1ad4", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0827d5ea-7f27-5aec-81f5-20d2f1371208", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.4" } ] }