{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:37ad8004-3a31-59ee-8f3a-23a0e6946eed", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-juli", "version": "9.0.50-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4fa46a25-d644-56d8-b780-e96b6de4dbbe", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2a1a5c3-1a06-5089-9c2f-e8840d791f0b", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a9cc7e8-1dcd-5601-86c2-72ee1833ffa8", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3c8f27b-466c-5986-9f89-5dad06d20296", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2961a045-f12b-58d1-aafa-cf035eef5b84", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ad249e8-de98-59a1-91f6-c8178996396e", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0f3e260-9fd5-585f-b98c-063f05e67f1a", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef6b6372-bf1f-5961-a5a6-657fce271e07", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc888f97-e407-5ce0-9a55-b7b3e0a5f3d5", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d8d1293-90f1-5db1-ac1a-6cec44d5f154", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bf8813a-fcda-57a5-b497-ebd694dbdd2a", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37768fc4-d613-5256-a56c-ae312d6c5fee", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f8665ad-6b75-54c6-9b1d-f963e131af24", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d635e78e-8e45-5eb4-9d98-f8e7f7ce69a6", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d07884c4-7e8d-5029-92e7-4cf1b841a425", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b451e17-c3fb-5ea1-abdb-4bff85babd23", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ff2e246-5abd-5b61-a962-906932641443", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a2d2f70-9a50-569c-af01-3597b98e2747", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f86013eb-592b-525d-b867-ed00cdca1e15", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4efd6465-367b-518d-b21d-a9e1b9786f36", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e05d0108-33ca-593c-849d-7b53cd7e8a83", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b755c32a-0b43-5a05-bc1e-d216957a3818", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:683c214e-da60-5203-98b1-7a7e1b2cea0d", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58ecb054-df84-5467-be3d-09636a66ab4e", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:006c81af-154c-56b0-a5d7-492653e0dfeb", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf5348d1-2d18-5679-9028-32adacec697b", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:056a2a93-d47c-50b8-a710-68c20124cd3f", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d737b81a-7e14-5fff-b056-accd8dbabfcc", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2839fd0a-2e12-5fcf-9f71-289648486f91", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5214e6f-a4cf-51ef-87f5-06f5cff97b8e", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8142bc74-8346-5e0d-9df8-9afe24cdd681", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5a388bc-f274-55b2-b2e4-c81cb8699da1", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3db57eb9-3e6f-521a-86bf-84de25fdc18f", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5de3004a-4d8f-585e-853f-3a5940395356", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a228ecb-eadd-5fd6-a218-5fe9da132374", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96445fba-db18-51c0-a2ec-235dd896309a", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a2cf176c-1eac-591e-a088-e3b424675c50", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a898baca-b635-55ff-a36d-2e5b805dfb28", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34065f1b-2a39-5977-bd34-b2cded1d6172", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8429a012-c613-5318-a7f8-04494cdee111", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c008274a-b698-5e79-a828-081ec1a5c752", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a249262-e238-5922-b2ff-82783fc41d6c", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4bae1ea1-49c0-543a-bf13-655f94e1f2a3", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18a54151-03f2-5bb6-a881-b8275963d7f4", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:934e39fe-9cae-5ea8-9967-2d84824fbb99", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24b5d0dc-d7f9-521f-ad79-b49ef2b87503", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6a70c2b-1911-57f3-9506-7011b83e1b60", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bfc6fca6-e6ad-5338-8d74-6c2487be40b5", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e103e51a-35cf-552f-b2ab-c40c1fddfbd3", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84d1a6be-82f1-50a0-b19c-ffe60eada33a", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.2" } ] }