{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c9199e7a-a469-5f84-b302-a9c395fb9ed6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat", "version": "9.0.50-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fcc78759-7029-5ba9-9b79-8dc20de1a6f6", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9c83f79f-572c-528e-b599-e2ac28e7769d", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c00cea4c-b79f-5389-84fe-df9a7b98bd87", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2a2fefa7-c4e9-587a-b813-44a63ee248f5", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e39d2154-64c5-508c-95c5-84adc0236aaf", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fa199b80-ae0f-57f0-8f56-ec1ebb8663dd", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:64af0d28-dba7-570f-81d1-4f2a330df0a4", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1d73f9ae-5574-5c6a-b5d0-c4ed67e71a6a", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:888e3616-eb40-50f5-a7f9-ac09a73a140a", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:63999891-50fc-53bc-8101-60fae733c69f", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d38af6fb-160c-5019-8d55-94d5dfddcedc", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9f277916-e705-50ad-bb36-8d92572dc3c9", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f44fe122-2765-57d6-9101-ee07ef70281b", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6fe806cb-84d3-53ef-92d1-a50b192642f2", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3dceddcf-398b-572f-b376-ec8afd0ecfa3", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:23764210-d33b-525d-87cd-4f01614bc788", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cdd75fb6-2756-5ff9-ab13-6a7f9ef80005", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:13ede51d-d6dd-57d5-bc1d-af5fdc63c920", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f9876791-7c66-530b-84e3-eeee2c969bc5", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0614fe5a-1777-5416-81f5-c93fa8b70398", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bd611e33-78a0-557c-be21-d027718deb4f", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9a296ff1-7d73-56c3-b86e-ef8360f06382", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:45de6507-5b45-5ddb-ae6a-a88499ab4213", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7e65ce71-b56a-516c-bfdd-129c996202b0", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f14440e8-6d38-579a-af58-2bf7c00aa504", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b41925fa-235a-5cf8-a2c4-f9841d1240be", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cce5c6f4-f366-503c-855b-61201e7cfc70", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0fbaeef2-e088-5902-bf42-1a84d2f8550e", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c7b685da-663e-52d3-8ad2-790eb4183279", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4acaed6e-feb2-56a6-b1a0-62912aff0ca5", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:02c94bf8-289e-5e93-9094-d9b07cffb0e3", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:56f9c8f4-0910-5922-97c4-6c4f012d51a0", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3b2e137e-1a18-5731-8f10-ac426b3cae2a", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:59d3804c-c22f-5fe1-bcc9-b0906bfaf884", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4e498720-e5e8-5248-a269-5adf60761d2a", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:528cadbe-204b-5c85-8df9-fce71ea26217", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:41224af3-1e6f-5317-b5e0-be0116b559dc", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7320b988-6fe5-500d-98db-01ad46351e2b", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f476ee10-b907-560a-b39f-763b23f6bfaa", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9e75cdf8-4eb2-5860-828e-1cfac539c3e2", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:183420ae-9d0e-59de-8532-34d8f92f952a", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:63c36dad-d77c-5153-8faf-229c41c6c9b7", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7d43783a-ffa6-5006-a9b1-42ed0efbe2c0", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6689f62a-2347-554d-b737-20423db9c396", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:abfd052d-e7e9-574a-86fc-cba8176cf45f", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3c9b6045-887e-5032-ad8d-6e3adcf9e497", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eade6391-4430-5e3c-8866-c70163ed865f", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f6758fc7-d4c4-5c51-b204-917f9a8ea1eb", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7be57861-1559-5e1f-bec6-dbad3b07bf07", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4aa7e0bb-86e9-523f-b0f1-a8dbca0bb3f3", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.5" } ] }