{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:be792b52-aaee-528e-bd7e-bb32b79b4e8e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-tribes", "version": "9.0.46-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dd1b728b-813d-55ff-adf6-c42b0626fd44", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bae32c15-75d0-5bae-a931-48d6e558709c", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3c1ef0c-5841-5690-af1e-15d8010eb365", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6467c180-37ff-5c2f-8bc8-7e41ed66158b", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:de86f578-230b-5acb-902b-ca4015d08daa", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:44d51daf-674c-56ec-8809-3c280c44303a", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c326ef30-3586-551b-9d5d-7a4d64ebcee7", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:36fd588b-fbf2-5da8-a8db-81a3e8c3511a", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2865aed9-9500-5071-b9dd-24407f0dab6c", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:feec346e-858e-53fc-8318-9a9f011d8a2a", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f3273fb7-747a-5ef2-8ec8-1af44004dac6", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:820dabdd-9670-5569-8c35-fdcad7d528dd", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:193c671f-c45d-515c-8daa-6735f0021330", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:254abb7b-3d28-548d-9b2c-1684ff4440fc", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:74ec7a26-1b04-51c3-a9b3-dca6457b6ffe", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:57d58b54-c80b-57fc-96d6-d9d1a660d971", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9895168-001a-536c-afe0-193e5ccdff74", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4e40db19-048f-57d0-8a0b-fb753fd3fd3c", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:be0590df-e689-5fdf-8276-2d885b22496e", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:18eec69b-6fc4-5f04-a8b5-2d6ebd6ab671", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fd465f62-aa0a-5215-9083-b2a1baf6665b", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:48dd478c-5fba-5fb1-a037-725df97c1280", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:805b7e28-f088-5a49-9523-26d5d8cb6888", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:66c34955-5e0c-57c6-ab2b-43a47987c7d4", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:52b945f2-d50d-5f35-a5b0-83d5ef909652", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c1a310a7-65f0-578e-bbc2-6b2d805f008d", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b79f9500-b79a-5180-b305-2dad46b851e7", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b9996cc-030f-5ba5-9f89-33d052ed1921", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4a69a1d0-699e-549f-bd20-127b86c169e8", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:51744a35-be79-5c02-8969-7f467134e398", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:481ef1f8-53da-57b6-91b4-1031d7fb5e76", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:85dd0635-42e8-59b5-92e1-0f78db87de81", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7619f2d2-7854-52a9-9c3a-4d6b4f2e97d6", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7f7c4b12-ba32-5774-b588-9a2d3dbeded7", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4dc1ab40-5b09-5f6f-865a-0df6399d4388", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a42312d-b5bc-5f40-8004-ceec91abaa5c", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9e6cdb55-aec8-5657-a296-ee153539ad16", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:740dea7d-d5ff-5351-9d92-068a8ac72818", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6c4c67ce-85a1-5c78-ab15-c7cbcf2b50d5", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ab1a1ff-6bb8-5989-9bd3-842cb5dc6846", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e7880a1b-a029-5108-b652-4dcb5fa2f507", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7673c0a8-5756-55e7-9838-af111937cdb2", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a90dae88-5eb8-5ba3-b966-f223cc250d6f", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0816d26d-a8ce-53cd-9c8c-1340473aa14e", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:699e4ce5-d53b-5575-b4af-16daf3167bdf", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4a6f7efa-bdc5-5fea-9641-cc2579b7da68", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5aefd43e-b237-58d8-9995-4d5312cf7d1f", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aeef26eb-7bad-52a0-a4ae-a23e33907a42", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da485f31-6f80-5413-b91a-bdc995a7f784", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe6a1185-a890-5687-8503-a5b755277613", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9d27e1c9-48ef-5c1f-8f1b-380b19586755", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.46-tuxcare.4" } ] }