{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0b979587-70b8-5d8a-b8c1-060ac0cd98e7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-api", "version": "9.0.50-tuxcare.9", "purl": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:37de19f7-9d2d-5468-a88a-b4542813dd22", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:bba94257-3766-585b-b350-53dfbcd90057", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:a65f59b8-ad43-5286-a2eb-6008a6706d54", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:528fa684-91e9-5e2c-abe4-56cb7d22f6e0", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:4fe471fd-a9bb-5c70-be1f-e9a2790bf7f5", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:fff5cd4c-910b-5d41-a078-fe4c29085e31", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:cc5d0fcd-c8f4-5fc7-99fb-ebca500e599b", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:0d7174ca-255c-5ebd-a0da-8c7fdcc5e29b", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:ea45b27d-9886-5911-b35d-7b2e80f31512", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:d9f81deb-1c63-5264-af95-0e58e6f598ff", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:02cfef45-bd0d-5247-ace7-4f19e8d2c027", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:f44fc1cb-4604-5927-8740-cedd6719410e", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:909eaf26-e0bd-511c-b981-4cfc3b377b56", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:023f19b4-ecce-58a2-ace5-eda70a7a31cd", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:d1ada222-e83a-5f54-8610-e92bf88f7282", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:410048f7-419b-520b-8489-345b28798343", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:78559101-7c5e-5917-a463-7fb99feed8f4", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:0a394369-132e-5d1f-a472-6d5c6f179ba2", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:84520ea1-78f5-5467-8695-d19aaa9a310c", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:2cc60ea5-c63e-5004-843b-b9a9c642182f", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:f0eb46cd-2f75-5b22-bbcc-8b0e295b421d", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:1fec4ffd-545a-5130-b916-af03b5138adf", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:f863afee-c220-53df-bec5-375e3de28a12", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:82dc1fb7-5111-593d-8da9-04be377e3a43", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:955cf829-90a3-5349-9aab-7547b4faf21b", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:33f2170e-ffde-5964-bedc-8e2fde8d987f", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:2a88775b-5406-55dd-8d01-f48e4e3c3fc6", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:d767aac0-02ae-57f0-aabe-0981d9d28be3", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:8c7ccc72-9992-533f-be68-04562345c896", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:6a59517e-ece1-5fb5-a0be-32d950b4e3fa", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:b4073792-9f7b-57e6-9e2a-b41ad5f558ee", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:0ac34f85-07b3-5a9a-8c40-4e2fbd7d053e", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:c5f1cc0c-590c-5978-8066-b0aff178998d", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:0f0fde3b-a23f-5902-bcb5-306a89a5250d", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:a5d0b507-95e2-5125-bca8-3964d3ba15c7", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:a9bf4f1e-82bd-53d0-9700-31e93b43a71a", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:798a203e-dcb1-5489-9606-ebc7576dc72c", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:3914604d-78d8-5f79-abfa-7dbe12d59cb4", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:442d2b63-6c11-5de9-bbda-625653633f2c", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:9cfd2a31-33e0-5497-a574-cf1d9393481a", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:1963d4dd-7dee-57af-80d7-d8ef85e629c8", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:78433ff1-93cf-5274-b98f-9b2514c95677", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:fc193a0e-f544-55cc-a464-8c386d875255", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:77a47ea8-a19b-5e9e-8a6d-e88723b3dac3", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:c4a44e39-a02e-52f1-b5aa-c8006ffa60ff", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:71f499a8-30c5-5bf4-953c-38d1d25fecab", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:a1bb0f2a-0bd0-50b6-ba5f-14dcf2408fa5", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:01e581a3-297b-50ee-8c88-71d7d5b3cca5", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:db609089-e514-5aab-8862-a30b7424c05b", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:2bfbcd92-93e6-5004-b569-33aa72e3179f", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:88d4ef5a-1f21-563a-9bc1-6e94ead0c60f", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@9.0.50-tuxcare.9" } ] }