{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f0dee531-a116-5ce9-a797-693b63ab7fc8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-servlet-api", "version": "9.0.75-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1210dbe9-d6be-5a3f-8934-80d505b4c254", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2e972a3d-7403-5fe9-ae8c-993d6b08f378", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:deb3464a-ba48-586b-a04a-dffc7d1368d6", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cb14ced6-5de1-5e0e-bef8-0d82ac2569ad", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:37858e85-caaf-5a80-8019-f08f7e8af260", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cc8dba0f-2157-5ad0-b0fe-afbccdeee970", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dbebb861-2d58-504f-912a-7b4245b65f17", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6c6dc325-cabf-52b6-b723-136b63ce0d3e", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:888ac223-dee4-5929-b0bb-9607ae4b02bb", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4fece394-f153-52e1-a6af-f24ebd81fa82", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:94e44bda-4882-54a1-8a34-49cfcadd1331", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9ed7e7cb-3707-5f20-87de-4d25f1e1bd59", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:54705408-8872-5a99-931b-87bcde1201a7", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0ca510fd-026b-51c0-afbd-4f33b2e41ddf", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dddcbe03-72c1-59e8-a9d7-675e51b11226", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fca927c7-15f2-5705-9d9f-4a39b67c47ba", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c4bc6bc1-2e50-5a13-8c97-f5a99a9c3a85", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0085d9b0-b13e-53a0-ba16-62c090732849", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3bd6c215-b52e-5d5c-9e6d-c1163627b2ec", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6bd58ead-29a7-549f-a1ec-7b0c1f2d72bc", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:afad14b4-552a-5c83-af24-48f429fa630d", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:29eb0e4c-bad7-535d-a4af-7a880a2332f6", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e8bb9ae4-b085-5341-919c-41fc3b39d333", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df0ced41-968c-5660-a2a3-832b865c17f5", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d8659a45-f9f1-5551-867a-636c70d13c61", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1a494a90-ba9c-5746-9ced-3d74b04c85ea", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:face4318-0254-5c11-909f-79e67ba5fd8d", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:06038371-85e0-5a32-afda-1cbcf5095944", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:56fcda83-70c7-55d6-83ea-02c0bfcb5b7f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9b98fc09-6845-5e97-84ef-7559db611ee1", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d38a1c50-a1ac-5653-a8d4-a6f42abc8eab", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2141fdbc-3a04-5194-baa0-f568fd7ad975", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:401ad22a-0388-5edd-b503-d00291502ed9", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:db994cc1-e57c-50c2-bd34-faa7f126bfb1", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cf629fe4-831b-58cf-8c98-66f5259cf89e", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:12860ab8-ba6a-5791-9aa2-15deca63bffb", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:761b42d4-aad5-5144-9cf0-45b131ab51dd", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:79c0ec57-d663-5ccc-839e-2e1141df7555", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0bd3de9f-256a-5145-9333-5f978c3de1cc", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2cb59874-f555-51ec-b122-ab090ec829be", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:28db9072-4fba-59cd-b9c5-1c5e00ffd24e", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b45de61e-922d-5bb8-b646-75e0fec53a73", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:561b1060-8f30-5276-9b3a-d59cd4c9f99e", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0733d7d9-0d6b-5ac5-b679-099f79023a70", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bc453899-1222-5eda-a01e-71c7c98d10e3", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.75-tuxcare.5" } ] }