{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:132047bb-1f4d-5e22-84eb-4e359308405a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-servlet-api", "version": "9.0.87-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f24bad7d-4059-58b6-9efd-b7d2c872b9e1", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa84f274-4dfa-5d9d-be78-bfacc356814b", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0670ecc1-2cd7-55c0-9212-416434221f55", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6dfb16d1-9c63-52f9-94af-df3f3a55104c", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:051a2f65-1768-5eb7-935d-ff57f3952745", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b87cac07-aa7c-58f3-8332-1a96d2ad0930", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4f50545-828e-5acb-bfcc-82d303bcae50", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66736860-cc26-5f3f-afd4-71e10c6f4e70", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a71c05ff-9929-5ea8-be6f-9434066ef393", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d9ce07b-69f6-5db6-aafe-04a1eb5d2d2f", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8af6c16c-d749-5384-a10d-3b06d149ca60", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3945ccdd-416a-5ab7-9ff2-47eb5d2175d1", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68111bd8-8512-5e89-be2d-7b403aa1c688", "id": "CVE-2024-50379", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-50379 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e119ea3-1d45-585c-b11d-782da528afd3", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b73e981-8d10-5f39-aa7e-c4181d4b325d", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c31a255-8c76-5dab-a965-394656516e4d", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49e9cd10-57d9-518b-a550-0d0f1432644d", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4cabd5bc-d42b-534a-a562-2b69289dd9f9", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82e5de65-3043-5f4b-b869-58e46d598b26", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69ec3f2e-fa3c-575c-a608-f5c204ed1bb8", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3c08011-4e96-5d68-9d79-e5d44b79c136", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:568bd769-5e06-54ed-8448-328996608f3d", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b871bc14-f656-5e5c-9767-b145283559c1", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bfe29dfb-26e9-527a-b813-642ebd6b8a90", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ccbc5e0-8b73-57fa-a4d1-5b94f0d675f8", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e85c258-95b0-5730-938b-e54d832aec9e", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc95b754-b125-5a36-94f5-c7b315d47057", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42eba89c-e0d8-52c6-afe1-a8a57da44c7d", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1c7075d-9745-5cc4-95eb-a7d73aaeb471", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8b02615-f406-59ff-8684-4ae76e20f910", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:254243ae-9e03-5458-9de7-4e6e547b889e", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b516d49-8179-53ff-a5b4-0b13e6ce40bc", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02195f09-967e-542e-9085-1d07ba8dc1a3", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36abcb65-83d0-56a1-b4d7-5529d9422237", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34b6034d-f126-5026-97f2-eebd98592607", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36802a8b-a252-5784-abee-7d383260650e", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b4f0f0d-6295-5e56-9fbf-d6906fa6a39d", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b266283-3ebb-5fa9-823c-917ee87e8352", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08af63e3-94ef-5b13-be58-714de3c4577c", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:901529a5-7dce-534a-91fd-a87edf1db2f2", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc1c8ba1-d847-5613-aa8a-c0dfd6427bdf", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.1" } ] }