{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0f65a015-bc44-56c8-aac7-9e4e9c9fbc80", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-servlet-api", "version": "9.0.75-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:845be078-cf73-53d9-a96f-ab24375fa07e", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f1b7c78-32ac-52e7-a085-db3096c003ea", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:039926f6-a168-54f5-88f2-99cb55054149", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bdebc6c7-e43c-5719-bf55-5de060c118cf", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3827e5a-0649-54ba-a2be-a5828a8979e3", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dca712af-a74d-5f8d-80af-3b1973846257", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d692ed77-e730-5cf1-bb3f-f4a940e81d00", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49015454-09b1-5a3f-881e-c000912311bd", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a755ad3e-452d-5832-85b1-d3e0496e4877", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0bcce7c-482d-5a79-8a59-0d7bff89ed8a", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16e1a09e-7081-51fd-9d73-884764e52d88", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a5ed80e-accd-53a9-a373-56d6dbb8e497", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2bbbc12-e83e-5cb8-ac48-35a27dc270d6", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b48af47e-62bb-5b34-bfb1-58737d62751b", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df58cfea-c602-5c95-919c-031a299d9266", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:527db4ac-7e1f-575b-a201-59467515adf9", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:812dcbf1-d861-5682-927a-80e4b7339fe2", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32d24fa5-89b1-5f6b-81ec-cdee970f1de4", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:417c5162-668b-58df-9a37-9b8156fbd985", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ccdf5d8f-ba89-53ba-9ec6-7aa9c03aa0cd", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:238f1bf7-d990-575a-907b-da8be8af60e7", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c1fe1c5-7d7a-59f1-86c9-a75fd20184c4", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0caed3a1-6ff0-5ff1-9b34-8b6ca034ad9f", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe200ad7-8f02-5f67-8955-0a1224ca3d47", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0afdea40-b39e-579e-949e-a07a95984bf4", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7052b986-04f7-53fb-943e-4f1810783866", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47720a72-8edc-510a-be8e-2790453b7e36", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ddce7169-6bc6-566a-8078-65cb42411af7", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87611f87-d961-59ad-b596-491d515d1e4f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3a6f5b3-1a34-562d-a5aa-d64280d040ab", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:303d45c3-a77b-55d9-9d56-4a7a0b118505", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8798fc2-fed8-5ac1-98ce-e9f1831c850e", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a99b2875-d0be-5935-9fbb-14619e051802", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b263acee-44a4-5631-ab29-b2ebd99a5042", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9bb911cb-4dff-53b0-9af4-452fd2dfbe56", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09f12a31-e069-5f43-a269-4512495c4e2b", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39c1c45f-cfeb-5731-9618-8644d11e1d3e", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4be733f0-69f3-5162-a3cf-b00da8ca4ff6", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87d0a9cf-2cf3-52ae-b40d-81ab985b7a8b", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee1322f6-9c9c-5f4b-932f-e59dc5896c93", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6daa8ca6-fe76-5bad-af28-5bd36bdff1b1", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8c122c2-b8c4-54c5-8da7-71a3f3037aa5", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd8400c9-69a0-5310-9944-a984747433ee", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df23004c-bb54-5802-8d0e-178c3c914d8d", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfcd408f-a89f-5604-9338-1de04d1ecf39", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.2" } ] }