{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:73756823-81c6-560c-9398-187eec58c520", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-api", "version": "9.0.46-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:918f52a8-74fd-57b9-b694-10ebb17c1d06", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:35e331f9-b896-5d6e-8b79-ffcda4e69eda", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:acb8053e-4574-52cb-aee1-3a44dbabeb88", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2e1c17a0-d84c-54fc-b271-370667ea6b26", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4b417c5d-1242-5bfb-8aab-a93ee0e20909", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:099f7aed-557c-595c-ad7a-17b313ad2c8c", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3808e4d7-1aa1-519b-b310-b456c43ab654", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e00456f2-9980-5f31-ac18-09769536990d", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1de15864-9331-5ddf-b123-e5e7a83c8c6a", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f13edd17-b5cf-598c-bc3c-375f28b215ab", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:81a3bccd-7989-5823-a73b-9c2d60a270db", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:36a02e88-ceed-58d9-8c41-a4ba70620106", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6e3797a0-e9ff-5247-a626-f3f87a3b46c7", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:85fd02da-efaf-5ee2-a9a2-95bf011ca561", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:609bb7be-5a3b-5de9-812a-8718c640a8ed", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b432451e-f0f5-5c2a-a295-a8885d375baf", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0d3eaa26-89de-5765-829d-18fee390edb2", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:72777fc0-78b8-51d2-8cbb-b133fbc5edaf", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:64f74936-20e0-5d28-b90c-5bf91e1bba93", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a80de7e5-e80b-5221-9860-6b5b6683fb75", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:775fe915-2248-5bbf-b617-9e869ae707a7", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f63f136f-92b5-5af4-b988-d9a077da4d25", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2aea6bb5-97dd-5246-a09a-364a3ac27e90", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b4b12acb-26c9-5305-b1fa-4faf0bb3ce1c", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:102c5c14-c7dd-51ca-ba54-6469cf9d562f", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6ba399ba-98da-55b4-92b6-2b8d8f3e8e1f", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e8aa02e0-84fe-5e60-b081-2261153d3efe", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1a6b3017-1322-5f0a-a5d2-d32e38176d1b", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8f28dd74-7c17-5279-99f0-5922efad040e", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6c2a9bdb-038b-5fcf-8779-8641193b2c57", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:580e6d35-d774-5c36-908a-548780e5c099", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:43f5a728-f696-5a69-9db7-960a4f016c3f", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:abc02580-e2ff-5047-b172-a6c26959542b", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9b6a3028-11d6-53a5-8f2f-68612b6d3245", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:87baac57-4ec3-56c6-9d1a-48be3a554bc3", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ecf58443-e529-5385-8803-6d352600b8fc", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:23e61e8e-454f-511c-a6be-8b73bf565518", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8e2e4cbe-6220-5650-a25f-a31187dec1d2", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a99eeb8d-1063-5860-8af0-e6ca4ce92e3c", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:97cf854d-5b01-5c48-9941-a0f0e704f6ee", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3f31c2a4-8c3e-56a4-8d23-e658772affc6", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2eea9faa-48e3-545f-b212-395e2ac88337", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3baae6ff-b5eb-5c0b-a3c0-5efaf1feda61", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:003218e3-d471-5bfc-b31f-8653441ae83d", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:33f53f38-9afe-5245-8eff-4fe6e2c288d5", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:68c4a2e4-d642-5f54-a3ac-eab0f4280334", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7fbaf962-8741-568c-8ecb-e090ea67065e", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0d29392d-bcda-5cdc-abaf-9d6535b4a80a", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:937508a4-6e8d-5efa-8b09-3ae0e24c7551", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5e400618-435a-58ea-b184-97ca7327ffcd", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cdfacdba-7ad7-566a-80a3-507c3ca45e7d", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:38182dc8-8677-52aa-a37b-7d7dce50c854", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.46-tuxcare.6" } ] }