{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b53e193b-adb7-5667-b740-e72d82513ac2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-juli", "version": "9.0.75-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a1ff6c0b-3c11-5db8-b64a-a071f4485336", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6654db2b-35a8-5a71-9c02-f1672ce73baf", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:76699655-61e2-562c-8e53-ae3f53fbd2e3", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b469a0b-efc1-5c8f-a98e-da50316a78fd", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c98d0933-5c1b-5bbb-9d77-c2b6d8c5d46c", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4257dfa5-2937-5094-addd-705d6f44ad3d", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8012780b-e669-5b8a-a64d-fa591e5dc2ec", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17b787f7-8866-5a3d-877b-5a28d0e946f7", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d40cb50-d7f4-5313-9728-87d06b0f2ee7", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9823f97b-c2a9-5a90-9e82-2aa826f97ac2", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7cc948c7-5f9c-5572-8f96-04822184d099", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3ace0a88-7da8-5c88-9b9d-7675832fd1bc", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34c796b1-ff20-56c3-800e-a9148b3ce0dc", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:40002a4a-55ef-5b8e-b54d-3beb66d60edb", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4713fee-687d-5bb9-9c5f-046678a78b4a", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e56e15a6-e0a4-5bf1-98a9-6dfc093b6dc3", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7b88c7d6-276d-52db-b0a0-921663f7e502", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4cbef312-c270-593b-83e8-5939f816653c", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:91da5856-4b4d-5471-b386-01407e777226", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11234eca-229b-5d05-a0b8-4862dc3e7b88", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1d3f6f9a-85c5-5d7e-9bc3-f21bce0ed97d", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a8c616f2-b1c1-5321-96fa-48f5318dbbc5", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a422686f-f536-5a53-8681-78814f7f07b2", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c66c7d1b-d89f-546a-8a0b-a8bd05d3b82d", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef093c66-ab1e-50c4-ba5a-197c6a347e43", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a537c59-f4a8-5087-86c1-d34ba870bea6", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f9f8de02-c5dd-5ada-af9a-3ea2f9c75a8a", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32e2e6a0-3756-53eb-a4ab-f9ef65d96b3f", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eaa8b5a4-45cc-58b4-887a-a24073057a86", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6e544188-5642-52fd-acb1-4a3026d34e13", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4567ccbc-5eed-58a4-92e5-f2f4a79e9ec1", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b306b51c-ddc5-5c42-8a00-9ccb496f5e9a", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ccd50115-7d1e-5a66-b1a3-9be2fdbcc2df", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:82e7416f-9df1-5572-ab1b-99aa602c00ed", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:47f375d3-79f4-506b-9433-07bf26f5eff1", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fea5d3a7-7c70-5e56-a6e1-a58a0f19ffed", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7a4ea18b-6c8f-557b-a4e5-c5ab7b8d960d", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e95f01dc-aa2f-5c7b-b15f-f6a7b4b02640", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a7f9d17-a3b9-5629-aa10-56eb43b1fb8c", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8090da44-e8ca-5b89-80c4-7646e62b40e1", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ada86d9b-5b32-591d-b901-bcb8ba7a0f6f", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8cee9c1e-9aaf-5f79-904e-05f46368711e", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d7eeb131-0e04-5b8e-a853-312664705a54", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6372e249-26d9-5414-aed7-91cb1d4a5822", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a1ea63d-31fe-5d31-9c5a-64e996cfed2b", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.3 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.75-tuxcare.3" } ] }