{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7a82a786-96a7-5b4d-a1ff-263f0d4fe277", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-servlet-api", "version": "9.0.87-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d26c2317-284b-59d5-a32c-3bd96fb70e6f", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3a57df0a-7059-5a32-b988-11108d16503c", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1c3fdcac-60d8-51b4-8403-04448b50344f", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:95b895c8-b727-5013-ba02-125a596622ed", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:27fa35ec-5584-5fde-9c47-d2d65e702fc6", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7c285ecf-2f28-59a5-b95f-8379c18cc084", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e2eaa660-3836-5db2-a544-67100d4578ac", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:83fc8e0f-7ae4-581c-b21e-3854111f92d1", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b5179868-c222-525d-afb8-bbc28987597a", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f2c5390b-d3ab-5690-838c-db04b7f73821", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3a7c091a-ec69-5929-9593-dd26d77d7d2c", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c7727db-254d-5f70-80a1-651ceac692a4", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:003821d1-1b01-54fa-a7f8-dd54e4a5b5d2", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8b3cce3-6819-50c9-8966-5501afe8f825", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:85cfeba6-6ba1-5049-b8e9-16c48dd75d84", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e13674f-0199-54eb-8d3d-f6c3e7d06e6a", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac4122ae-ed51-589f-90a1-c8753670e26f", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:79ad2f34-191e-545f-b59c-1b438d6d31a2", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3685a1c6-0daa-54ca-b998-4e3d39fb37c0", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:056562b9-17ae-592a-b4a5-0efa6566b215", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eac55980-5ac4-5a3f-8f90-a26fceb5980e", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:364467f4-2e5a-53a0-8edc-95ce8a6a6e7f", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b169115-cf4c-503c-aaf5-289ef70f23b5", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4107ba1f-4351-5c5c-b4a2-cc8144cf1bbd", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd2d1f62-afb9-56ed-b613-2bed275ab139", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:030666d0-8522-5cbe-b10e-6315fc7853cd", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89788d95-a8ca-5fd8-b7c3-29b2ae6846d4", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8dbfd288-eea1-5107-a3f0-6a27b8531e56", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0681685-66d0-594a-8460-40a0791fc6f1", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:128a3fd9-bb5d-50f0-9f26-bea4a25b06f9", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4af2c4d7-3a47-5e18-9e65-07c793100a6d", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c05c5937-826b-5a26-a3e9-6495f4910fdf", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c51fea93-28b7-55e5-b9a3-fc7d25adc321", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2f4af03f-e0bc-54c6-bae0-d67583a387f0", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f4abc5a9-cfb1-5fa5-837b-601ffff02dc2", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b4aa9d0f-f8b8-5beb-a340-3ed02e604acd", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25ff5334-d13b-521c-9889-b1aabcb77259", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:466448e6-aba9-5c25-b30f-72039288032f", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d9e42471-4f33-518b-83e1-0a893dec62ff", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:473cc3f9-92a6-55df-a219-427bf0e24126", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b911e5fa-3830-5080-a522-4295b7b14d97", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.87-tuxcare.4" } ] }