{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1484beb0-87ed-56e3-a1bb-af8e4896dd20", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-tribes", "version": "9.0.46-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9af5e8e5-f50f-559b-9243-492c5e7062b0", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5a1a521-cc40-5496-80a7-39abb7f897c3", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c8e6a888-a20c-532e-8dd1-81e830658b46", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1126d504-b78f-5e34-887c-e7829d47127f", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29f46e34-d613-5314-9a35-c01ea48bc0fa", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80e4512d-9607-57a3-9a50-6544e3e1d4f8", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b2f44d76-6799-53b8-a9f9-5cbd75edff9b", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36b759b5-0637-5283-ac45-7951c5e9e5cb", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:059af629-246f-57a1-b301-8c16fab91b96", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1d0c0023-4024-5cba-994a-bb07c4ba2b6f", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:47bfcf42-c040-517c-a8c6-ffa43e0b1dc2", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2c69d635-6a9e-5da3-9d3d-744ca38f86ea", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9244ddc6-129e-575e-9e3e-baf54a705c96", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bf62b31c-b2be-5223-9e2d-efbe1064eef6", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e24d42d-f5b9-5214-bd10-fe1290c1f885", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d08d0ba-c8e5-5bf3-a5d2-ae79e9056550", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0e8ab757-fa88-5415-84d3-76e0b4e44343", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3bd2066f-6a5e-5315-9e86-1cb940b162c5", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c921f12d-140b-5ff2-af4c-0c209519e72b", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fbb6ab39-665d-57bd-b8f6-abc4ac7698cf", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db6d5441-47d5-56c6-b953-dc7f3cff7b6d", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0d2ed67-d5b7-50ea-b37a-02a89c0ea9ae", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c042537-37e0-54a2-966a-81d2a938497a", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e09f7b3d-e843-5dcf-a883-326f5adf3a82", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b1ffd0a4-baa8-569e-a70e-c0db8f7845ed", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c01d4fd6-e8f4-565d-834b-5ce185e18b4b", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dfc43a92-581a-5d5a-b12c-97fb042a50dd", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b843da7-3436-5472-8fa1-609dc873e7ec", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88d259a8-88a2-58a6-89e7-d14e9d263fb4", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4db3bd88-4e21-5c55-90b3-144f480ccf41", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63c7ab5a-aff8-5a95-8388-8fa2fdbff5ae", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:85bdcfe2-b285-5f14-bdb9-b05b8529d38e", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e76af342-e41e-5080-bd9e-758d4aaf87ae", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4741871-3480-595d-abcb-219769f03584", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b5fdddc-c5c6-5376-bab9-f010b28e50fd", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea0cdbb3-f02a-57eb-a77d-9dd25fb63ed4", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c93505f1-71b7-5876-9de7-f0fdadb653b7", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fafc74d1-44e3-5bb4-a82b-0bb684e2acaf", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:abe55a14-ef61-5bef-8386-db6e4284442c", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:51c41a9c-881e-533a-8233-0bcf9b6c477c", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c19f93a-39ef-5125-be8e-2aa5c9f03d78", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d390895e-8277-5181-81c4-6ac6aa282cf5", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:590d9956-4eb5-5fa4-8f28-73d6014d73d7", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36b2a61a-55e8-5d9b-a4a5-f8609173864b", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3ecc0a5-987c-58f8-88e3-33d7174a5a3a", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56519ce3-2ba7-5ed3-872a-3cf4e890d8e6", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:474aceb0-1eb0-5aec-8e17-b15449828a7f", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:006ecfd7-ddc4-5d8f-90a2-0e4429d768e7", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a5c558c3-7352-55ff-8f79-c177aa4a8cb4", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b1015b8f-ab6e-5a35-ae1a-1d13093046ec", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c5d7ca5f-d6d9-5bd7-93ba-18c7d26bf9fb", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.3" } ] }