{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8051e1d9-bc2b-5d0e-9515-58dc0779b7a8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-juli", "version": "9.0.50-tuxcare.7", "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e20de7f4-eacc-5588-860c-5dcce7e30b3b", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a3b875fa-ae75-5304-825b-5d1b76b6588f", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f7cfbad6-9fc4-53f6-83dd-6d6e5aa64453", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:504ba270-36cd-5408-a17a-d68afa05790e", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:15e2566c-156c-596e-819d-105b936fc45e", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:48e1ca4e-9c41-531c-88a9-af77d5256ed3", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4e3bc5b5-6495-5419-8d48-8ed291520512", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:56cbcd2a-a6f7-5aea-be94-fc4af81a9dde", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9fc2f528-683c-5fee-a3b5-1948390f5a45", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f88522be-c50d-578f-8ddc-e2d55932c393", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c8288ead-a4d2-56ec-8628-094c361a2f47", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:01834c54-7d45-57d7-a686-2d4cec61a51d", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:55e3570c-b659-5903-8b0e-af90aeb1e805", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d314f0c4-a73f-5475-8bcf-de1f02fa8a26", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:51107226-b4ab-5d63-a29a-5558ee8a0644", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0b29d9d7-acf8-5651-9a55-c97a30c65138", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:199d9556-c729-5119-848b-5a2f6d770950", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3596b016-ecd6-5253-8b46-33b5d3f7f3ca", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:43c70504-79c4-5a5d-8f3f-16e0ac20f5ed", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:88b7570e-37d7-5c57-a8f5-10446527c8b1", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b739770f-99b1-5cf4-a596-8eb8221d4fd3", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:54a7ead6-3fe9-5371-a3e0-596833b57ddc", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:53c80342-e6de-544c-a31a-3a5ca514e09a", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e714d4ab-f661-5ecc-8507-b28909bb9e8a", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b002590a-1cd0-5ab3-8050-bbbbb15e1378", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c0a35680-1cba-570b-89bd-a1382ac09249", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:054b64e7-7719-5a33-9741-b9b74d4eecdd", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c77afab0-e774-540a-ba9d-a81eb57c1af6", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2f19d70a-fde7-5596-b73c-71366cf7694c", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3766dd8a-6346-52a2-98c3-2861362ba6b3", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:372e5c55-7223-5c62-9753-62ab71a24ed2", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c7c70208-ca58-55aa-b0ed-1841b7c122e9", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:acf1b049-ef4e-53d8-b5f6-3e142de83405", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d09656a2-3542-53a2-b35d-445b221ba1d4", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ef207703-9c5b-569f-a35d-d95be5dc104b", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4713dcce-fa85-535f-8de3-b7f1501e3c51", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c6f9c15f-0900-5217-9015-edde4ecee747", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fad1a244-23f1-52cd-ab5d-94cbc6e86057", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:94a3c032-4e9a-5462-baeb-95bcebd8bf4f", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bdbd7d56-e705-5093-95e9-41de9ae89b2b", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1fc5ad22-2987-52d1-8daf-46cb33156d84", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5911a5d9-0c3e-57ab-8ada-f140e8423c99", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:dfab934a-d7e6-58a4-bb31-93763fbad823", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1a92f502-f83f-5be6-af5c-bb1e977df6b9", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:091431d3-9bd0-561c-aa2b-0e659099b881", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c57dba0c-ad36-5062-a68f-d9353fc97f67", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c65a27ac-798b-534b-a1e1-1ac854147cf1", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c5f30db3-9318-5f7c-8eb4-7e28a2e7f848", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7fb88afa-df27-54e6-8ce5-02036e8a46ae", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:aa8420f3-49b4-53e1-9a3e-0a81dc784fdf", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.7 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.50-tuxcare.7" } ] }