{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:16cfe1a3-5d91-5b77-8d0d-b8f4f039d0e4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-tribes", "version": "9.0.87-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b0870a8f-99b9-55a0-acd8-6e4189874966", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d5ce588-c950-51f6-9a38-99991311853d", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:63b7d9a8-2c8c-52bc-988a-296ced71fb30", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0882a782-dd86-5db7-ae5c-f64d06f16e3d", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0965b4e5-b862-55d0-8d63-2ff1da2c3621", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c52601db-c544-5af4-a35c-21cd311f077d", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b69640e-b35d-54ec-b456-f1e14ca52834", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5dd02e21-d385-5ead-a2dc-72502e900ed0", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37d28137-a26f-5377-8a6d-40ff3db970f5", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dc31c4ac-e69f-562d-bf09-8c542d5770c7", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a7747059-e8d8-5b33-850b-e56a0958c33a", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:013ba591-61b9-5a0f-b8a2-74af4a60b803", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1c7997be-d1d5-5324-a115-8c34471ac4cd", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b79700a1-8ea9-5c67-ba9f-e30f950ca58a", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:99456b5a-6345-5bdf-a571-57f88c0e6eee", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:00a2a1c7-5c4c-572d-8bcb-e9a4fc3f205e", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:656074c7-6dc1-55e8-9beb-3e9a962a3310", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:13e88c1b-6ca1-56aa-b87a-65535a491304", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3432eaf7-77ac-5685-9aba-0d2ff6543745", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:64b105e2-f669-526b-8d5d-4cf939db2322", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d729efe-52d5-5853-b4eb-3b26af10e408", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:01076d85-0742-52c1-8051-e08506dbf91f", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d96c89f-c28f-565e-ba79-770b4e6987cb", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06a6b8ab-907f-51ad-80f3-feeaa02487fe", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:21db0d5a-3fa8-5175-873b-a5d4907776b3", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8d145bdc-b4b6-58ae-9f82-3fcfa7f66a9a", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b550a2a0-77a2-5f7b-a7fe-abbd7e3c242e", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:16c68dc8-cc62-5afa-aa64-8a6736f9a6b9", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:02c01812-d93e-5dc5-a998-46409e88d266", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b17be87-8b0e-5f54-882a-b6b870dfa16f", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c717ddc1-011a-5d55-8271-70993e69f814", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f050d6cf-1d28-5eef-b78d-dac95f9558d5", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:58c8ec0e-bb78-5e8d-a776-b6ca030f2b45", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b5a9a135-7e39-5d19-8b39-d731eaf40b77", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fc2860a5-5eb1-5cd2-b980-2c6e7f5bf11c", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:13147d20-4ac6-5d5c-9b25-e812ccaf5089", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9c4dd0f7-27db-5045-a739-388b9ac8deb1", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:634d910a-9970-5a7e-b8aa-b1160b202a8c", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:53f9d913-af1f-51bb-a273-2fe2f194d35a", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:acd377f6-1b23-5b7c-b0f8-807e6e56984f", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f4d7faff-a869-59db-ab47-2e484d7aeec7", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.87-tuxcare.4" } ] }