{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:38dec2f9-6372-5413-9ee7-8f18353d30e1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-tribes", "version": "9.0.100-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3023b103-f256-55c7-abd2-a306ed1c7fb9", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a50d4481-4f97-507d-b07a-6be67b8d385e", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d205c885-a06e-56d8-afbc-4f950b5d0a6d", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f475fb2-cc90-5205-bf78-a7d1b4db0975", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:941d0dca-6425-5a0f-be70-2e03b2ebcbcb", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e76d18e1-06a8-5f2e-b5c2-d5a4a838e1b7", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8c50b0e-2e18-5e8d-9554-809cac32f9a9", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d3a1d26-8640-5d47-92a0-df110e6b8677", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bdde586b-97d8-51f4-b124-af36315bfc2a", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49963d28-c4c6-5d7a-b97c-5b69daaab1ed", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f333fae-127f-5fc9-891f-cc3b94bd546d", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9167825-059d-5415-943a-76846c26a9a7", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89abf5b5-9657-5991-b5f4-e10447d0ce22", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5530ae96-d975-511c-b4a6-61e6db8c8383", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:edeb0954-e275-59a3-8dbb-dd1b4e8d1195", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e307bae3-9442-5b92-8903-0d93ec2294ef", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:289627ff-1f37-55fe-80fe-cd64b40dc57d", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:568a41b3-f276-5db3-a8f0-31bc05811ac6", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8747b05a-84c1-5cc1-8756-68ec1229d882", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70e5c3b3-1f53-5ccf-ba84-07c5692256bd", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6426e360-82d5-5bd3-9f41-e748199abe2e", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:502596c4-2bba-5ecc-a0d4-bd6a99668ad7", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17fef43b-76be-5407-b255-b0c801ab4d15", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21856f99-77da-5fc9-be5f-f7292aac5a6c", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:614d1e1f-0c21-53bb-8efe-8b038f24d750", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e41edc1-7b94-5e8a-b09c-95de69a22a31", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:224df026-ec01-5453-8728-64f94c147bcd", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6ce11c8-dc75-5059-b6f8-cc090d07f9aa", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3234699b-b99e-5a3b-acb4-e11396ecca88", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2962c07-3485-5a16-945e-337f0b03f253", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f690c4f-4c06-57d7-9d1b-0b11d56351af", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73a5babd-b6f5-5170-a447-f7519fbb4d1d", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fc2cf19-ef26-508e-b854-4319fe69de29", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:189a3627-4fd2-5762-b0d4-3fef63d0dab4", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75ae679e-22d1-55f4-8569-d3acb861ab63", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e627a0e-fb9d-53be-b5a0-d369110d3472", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.100-tuxcare.1" } ] }