{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:55c0da89-35d5-5ef0-a12b-137b946034de", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-storeconfig", "version": "9.0.50-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3b9544be-a607-5d66-a38e-712b224e384b", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbffecef-54b8-5191-b099-d8909a51c5f9", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15fdba17-2143-5e32-8468-b2452fcac8d2", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d823561a-100a-55eb-a2fd-0948d57a94da", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6b9a5a3-ca77-5b35-98c8-d784ecb03a7d", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:efd15910-318c-5f74-8b73-12196bdefd76", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0964eea-d4aa-529a-b60d-df355f576d3b", "id": "CVE-2021-43980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43980 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6065ae0-d19e-5696-841d-22c245940b89", "id": "CVE-2022-23181", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23181 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8645a03-f254-591e-95a0-bb31f99dc0b7", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01c42a52-88b2-5852-8343-14df63703f94", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bab2c512-a7bf-5f99-a3fb-4f26a246e2f8", "id": "CVE-2022-42252", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-42252 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d37d2453-5597-59fd-b9f3-98d3ca854cda", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0781a7aa-5f4d-5bdd-83ed-f3ba496b55df", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5d1a5fa-08a1-5cf0-a2c7-6dfeb47d15a0", "id": "CVE-2023-28708", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-28708 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:07003afd-08a7-5d55-be9a-6f93cc729473", "id": "CVE-2023-41080", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41080 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:245e32a0-b191-57bf-98f0-b69dfd3af220", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f29c96a-bd30-59a1-9c9c-5d837722039b", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ad583b2-e5f8-512c-9e00-399d42ff2d88", "id": "CVE-2023-45648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-45648 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5917f08d-fa65-5dfa-84b4-e7ddcee1e770", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:059ffac5-7343-5073-b6ce-53c1971e4572", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ebc5dad7-c294-5777-8e40-f26f082cb547", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:029f1d4e-682d-5220-8996-53f4b4762d1f", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd8f5e9a-8248-5d0b-9e17-772635e92f89", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1fa6291-4896-58ad-ae62-c26f4a04cf23", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3d9dae0-a563-5bf1-8b9e-3c24f1cf2bff", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9083d0aa-21b1-5fb9-b047-c5890e8dd6a5", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6c9a1b1-48bf-5882-8a67-a80aabb7c215", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c855cae7-4b38-520f-9ca3-2a5365bdc6d9", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8990764a-798e-58fa-8cfc-97ccbc49ec2d", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36f7724f-248a-5aef-b335-fc8929d331d2", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5fb6610-60b7-5824-8bd8-2ed3d3b47b80", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:952cb648-1583-5e35-95a4-b1128845f1e8", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:693b3f8f-e1b2-5f38-8862-45d454e31833", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8aa7735f-f01b-572b-ac6d-bfc01239894a", "id": "CVE-2025-49124", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49124 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:446e3084-0df9-5d25-a883-7eacb54fd802", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0323ae7c-7804-52d0-bb49-dfef3c92f956", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00c47455-6f4a-59f9-99d0-657d7f799e9c", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10fbb311-1ab3-5c98-9fb1-73f969924b7b", "id": "CVE-2025-53506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-53506 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c8392cb-c36f-54ec-8874-ef96276b5e0e", "id": "CVE-2025-55668", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55668 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab23ec9c-7ca4-5b37-99d6-54bd617b6a86", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0c58fcf-1230-5ba7-a13c-3699e240b701", "id": "CVE-2025-55754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55754 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98bafb6a-513f-57aa-b40a-3f70dc5aa42e", "id": "CVE-2025-61795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-61795 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fd23577-b8c8-52a2-80f0-e6ea8ff6873e", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51e6230e-c6f5-5516-84ca-5548d3678233", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2857f3c-bd00-5817-b04d-a9251a2939af", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0018d7eb-071d-5df1-94e6-bf6d768b6508", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1949f065-28c2-5050-88d9-c6a38db3895d", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b62e347-8e07-5ece-941a-b77fc0f74b9f", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f76374c-8428-5cb8-a17d-1f40a4698b21", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0bd123e-c605-517d-a0f0-2a6332f6419c", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.50-tuxcare.1" } ] }