{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7e9fd1a8-6ced-5d8c-8afe-04814a15864d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-tribes", "version": "9.0.87-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fcc106f9-8ef6-58b7-b849-1897bb91aa6d", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6eccabb1-d37b-5491-b857-51718f2b3c42", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f2e2be7-ab2c-5ba8-9453-e65718b8abf2", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45a5dab4-cbac-53d3-bfcc-69bad4c0266b", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1649da8d-ae97-5ef3-989c-19331c4e2f9a", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff1a75e8-07b9-5fc1-94fe-e38fb682c1b8", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8b6523d-b0f1-56ee-b35c-109b683f9e25", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a60eb5d-30c5-56d6-b554-12742bf94cb9", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd987a0e-333a-5bff-adbc-a9830c356ca0", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cecb8712-43c4-5a01-ac41-8f42fb522d22", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:070633d4-dd81-5b6e-bca3-de752a5f40e3", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8230c736-e6a0-5e7c-be57-633df6814493", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d265ef8e-a889-5cd2-8d13-c60b49603e11", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b2e33fa-1581-5598-87d5-04da3f977951", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:043ccabb-23e2-578c-8474-032aa5c0c34f", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:242cc18a-430c-5ca2-a31b-ae0872f96a45", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ff2675f-3f29-5cfc-9862-dd02fddfb6b4", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:669e5d96-7686-56aa-a332-4c3ca92c6496", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e07f5af-38fd-52eb-8d0e-2c2152d371d9", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3fd48c81-48ef-5f81-8173-cf7e3dab4a47", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4fbace4-fe93-5a72-a721-fbb9b01d96bd", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c9bb1a4-9c7f-5ab4-91fd-bdf38697508c", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f67e8e62-19f8-5471-a273-c99d01abdb83", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea5f3e76-8f93-5b8a-86de-36adc739389a", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90122903-dc92-5527-91a9-37eee63b3373", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39b2ac62-7cbf-5b52-ae05-d3b554f552d9", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6c4d755-a7a0-5d7e-aa1a-521b8f71c637", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e31c3cd-a8b8-5c82-b6fa-e8daecd3bd54", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:658cba1a-b905-5dea-8bfe-dc64ee3c78cc", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fbf01aa9-8eea-55e8-bb7b-ba2c74514ea0", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c5e0fe3-f8af-5d5e-8bcc-3494e067edde", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8120c741-dbf7-5ea0-92de-3c775012c4bf", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e924413-1c2e-5e2a-9c96-77a2d2e3d397", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e901b8d8-20b4-575c-aff8-22835b03598f", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a50dfc63-9007-5a45-88f0-f559ff340573", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1bb4242-e3ee-5479-bb7d-507e1278233a", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a399403f-5d17-5b9f-ada7-e4c215684aa5", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c56ecaa-26cf-5e27-8d39-30864a79bd44", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65ae1afa-19ec-5d26-8a1c-b7be2708eb7a", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ccfa1d9-ce9a-5fed-83ff-8bc8c66ef736", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09b5d3e0-a5be-585f-b599-8490997d3177", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.2" } ] }