{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4e191c9f-6cc4-5089-bf64-e8edddbcc114", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-servlet-api", "version": "9.0.87-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:55d45db7-9e75-55b6-a87e-cbf0503c331c", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1fc2b35b-59a0-5028-a016-d5904f0c78b5", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85e41435-7b1a-5c5c-a637-347291582306", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a91bcde-f215-5770-8d05-cf73c36f301b", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ce5a08b-8d5a-55d7-901c-2186569ef474", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3f27297-29eb-535d-80a4-39326a68f9e7", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83933f74-4ee4-5efd-81c2-581383bb000b", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:12d2aa6e-eeb3-5e9e-a475-05afa0aeb9bb", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7011a58e-d604-54df-ad14-6f37843c55d2", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83c95974-ca17-5d07-bdd0-9b9f02b095f2", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57196dfb-aaa5-5a90-bf7e-5ea022d9a513", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8e5307f-71d4-5c37-8331-679464f9da5e", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d4db448e-c3cf-5389-aaf9-833779fcbfee", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41921fd6-7469-5608-ade2-9d7bb33531fc", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab11c9cb-c18b-54e0-a6f5-520ca9a3cde9", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e745592a-3685-5896-bdb2-2cb3bace96ec", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c9f79f8-f856-5c7c-9365-251f9a7c126f", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc7abe95-1fe4-5992-a128-360274ff2ace", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77d2931a-a763-5c75-8365-d9f9c84aa373", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f360047-d456-5d8e-92c8-c17f64a5789d", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b41bd26d-a047-506b-bb14-39847c736090", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9a1e48e-b7ae-5cb2-8ad3-02ae211b5e83", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41121fdb-08cf-545b-9622-2ed3e4c4b21e", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cad7a6d3-feb5-587b-91f7-279b297284b6", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9a1ec2c-169d-5c05-bf6c-08ee39812922", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3847f295-eb9e-5c54-82f8-214807d38654", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:921fbbe4-0743-5269-ad8d-88907d7164d7", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7d2d87f-2a7f-5e4b-b937-18be406e35c1", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b6130e2-caa6-5f00-96b8-862ecec80a26", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85140098-3803-5178-9963-b6090852e773", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad795b95-db5b-5e29-bb33-7e9d69f83797", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3cfd2bb-7715-570a-b6d3-3e78e2d521d7", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:faf7b5e5-0ad2-51dc-b4ee-272b1c36b3ac", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f696794-2984-5c5a-8bd9-50e9fb971c2f", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40f8f2e6-1e67-5de3-b672-ad6774c8712a", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:743b6947-771f-5fd1-ab68-24c97c2b80d2", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e262004-a370-5190-8ac0-57b36de0cf8e", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4934d091-b77d-5861-b6a2-4f7f938949c7", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a45b5860-c137-57dc-8753-594adb33c05a", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7aaad3e-3799-5721-9dac-e5fbfcc6836d", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9cfe1327-81ae-5bab-bcd4-92c6646b9112", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.2" } ] }