{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3801a6b6-7da1-58ec-aee4-922bb034ddde", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-storeconfig", "version": "9.0.90-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:da2873a6-4ac6-54a8-93df-ad664909fb0e", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e319431d-fcdc-5ef3-9785-d50e0648d4cd", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4b45f105-bc0c-5028-b75c-7f1ed7b274ab", "id": "CVE-2020-13943", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:754959fd-45a0-5329-8b5d-cda8acdd54ef", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0c069136-ba50-5d1e-8feb-09429479900d", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e62a69f1-54c1-564f-b148-dfc9d66c5c97", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:da79a7f3-d27b-5d0e-8e80-54e9f61fb74f", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4ab0e5df-1cbb-5010-a9b0-a4b41601837c", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb8e54f5-a43d-50f2-a013-e6ed272f5f3f", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:adf9ecae-ed97-54c1-8a4b-cc172dfe3c00", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eefa4e1b-560e-548d-9c70-e7234b74d5d2", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2b6ae7b1-9a76-5d7e-8759-864404b3b975", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cb379efb-dfc6-543d-b521-6e452a99ef7c", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3e90c430-b467-5d56-a61c-1491cad10a14", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1231463c-ae00-5281-86a7-0c1d0fa70fce", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:36455175-3ae9-5251-a771-397fee433023", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:29b8c1db-2308-5e27-9feb-b0a566d00d9c", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:95a1adae-aaca-5a31-a9f2-7968d0b93d21", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:84e0f0ad-80fe-55da-bf7c-15f65a6e520e", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2a406f10-82ac-5316-9f01-65cfae03cf52", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:86098c90-cfb4-527b-81d3-db4644f8bacc", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:51df169e-2da5-5c0a-ae5b-a65dab2389c5", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d9029c25-bed4-5773-8d31-9a31d5cbfa1c", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d48a2a48-fd1a-5b99-9f85-c85ebbaefe6d", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2bd1d4f6-744a-51e2-8946-cf32a9a0e734", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:31058e35-5d07-55de-97ef-fde8345c7c35", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e46f7c4a-306f-5992-ade0-2c55b800a6c9", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:efeb64c0-2bff-5e2d-9e15-cc4dc54b8ada", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b80bd571-1d5f-50cb-934e-0f4f398502d6", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:77857974-0919-5ef3-9849-7566a85e93fa", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1f3b551d-ff5d-5715-9010-2ddd34a0ca20", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a782c5d7-821e-5e08-bc65-a14dfa9abe1a", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aa555e25-16a4-5066-ab9c-1f3100b2f56d", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8a7ce375-06af-5e7a-80dd-43d6f737b60d", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a65cb810-9994-5d03-9854-71deba04697f", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7dc247f6-42f3-5b74-aa00-9c9c20cd7f34", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:668078ce-3747-506a-bdb1-bea175cbf152", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7b5fd3b2-59f9-59c4-a7a8-39837e2b7300", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:49516f94-0fe5-5fcf-b903-96ca916f5c0c", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-storeconfig." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-storeconfig@9.0.90-tuxcare.5" } ] }