{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fdd6cf2c-0a57-53da-881a-a98a06cecb1a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-storeconfig", "version": "9.0.100-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a679d572-a1b8-5eb7-8377-b60273bf3c8c", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:540326e0-6bb0-5c23-956c-031593a21cd5", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f3bc0ed-1a3f-5955-9570-f9f1fc42402a", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0fc239dd-0e9c-57ab-908c-29f90d7ad838", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:119c64d0-773e-535d-a7a1-d7460d4966d3", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8df1ce56-9016-5647-be20-d3011dcf9819", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:457e20f6-f54e-5da2-8473-dda0cae3642c", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:810b0605-74c3-53be-954e-29f3786da6e4", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f8e30a3-60d6-5039-94c0-06c3e6ba1d7a", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8552e0c8-72d3-53ab-b6fd-8a6519e1089c", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec085dbd-7288-54dd-b6aa-85621172fb26", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f239959e-4e23-51a5-9360-d79b561b1efd", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25a1373f-871b-5c95-9959-808303b8db0f", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:34a2fa90-d437-5ffa-944f-e4b2adaf10f8", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e6ec31ff-6e9d-5e35-996f-249eb8dc259c", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9a1c5346-f444-504f-bea6-5980c0713f1e", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e5cb2558-2ee0-589e-b8ad-ea394997b841", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d19fac07-a520-5904-8c1e-5ac7520ea66a", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cafbf2e8-2026-5a55-9993-8bd10a7c87f0", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e998ba2-2a82-555b-b34a-b35f1bd7ee98", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b16d457-07dd-5c24-b57d-1360ee854d44", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3c2fdf73-1ee8-5b7f-a509-26e2de8377b1", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c78ab4f8-194e-5e8b-b7b3-1b03c3f4f0f7", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d4b5df90-d2c7-51fb-ab86-2429328a807f", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bed94d99-539d-5912-8347-7a6896556f50", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f73c7e09-86ae-5e9b-a3ac-527edb3503d9", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:52d6df2a-a4ef-585c-9eff-56d43b6a73d6", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1879d671-e5ca-51c3-ba6d-4b3f44e04269", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89455460-eeae-501d-932e-5a9ce4ae5275", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8e15145e-3d11-5b2a-97be-ef7b16c4d946", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d040e30a-3818-5826-8f54-d38558bcc79b", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bdd636f8-489f-5ac8-b0eb-7794a53633fe", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:51369a8a-adf1-543f-b07b-f399006ca539", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:13837e86-4ef1-59de-ae4c-7165fd2e5531", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:415633ac-cf0c-535d-b9e2-2c4ed805aa06", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:47ffc101-0ffa-591e-b702-1ab4428399d7", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.100-tuxcare.4" } ] }