{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fba62163-95fd-5a79-82ae-707e71c3a1a0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina", "version": "9.0.100-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ed1a2f61-45a3-5a64-bc5b-3751b6faca91", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f4e088f8-7dad-50ef-b8f3-26f21334d37a", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:76e1901d-2906-5c2e-8c95-97c59a27d4b3", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9435c564-6d9c-5300-91a1-5b3cd5499adc", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6be886c3-a855-54a7-a1da-267871ec159e", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8ef2f997-0926-52a0-8756-bc6783a9947d", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c08b054f-44d5-53fc-8cf5-95c8bf7db5b9", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:420ae325-32b6-5459-a172-02ae436ef99e", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4ad8ced0-9ee0-565a-bb19-6fb6650ad861", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:01e16c4f-53a9-51a1-aece-5796caa951b1", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:33324a5e-5471-5117-a6dd-48c18a36a8a0", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9c8c552f-2868-5873-b861-f0459d56e47c", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:44c5978f-e3b2-5fc7-b6f6-fa8e4b26fc66", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6a0208bc-d35c-503f-b8a5-5c6818698309", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:336b2b5f-c7ba-5cb3-a1a8-b8c502fba2df", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c7055945-058b-5683-8770-397aa197332a", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8c27d1a6-a8df-5430-b43c-418b455e96ed", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:18803984-fb28-5f62-a8b0-c06555939bb0", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d439d40a-26c1-5247-8e8b-86d0c78721fc", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:05775b27-f999-5944-84d7-0428c4a35ef2", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5553ce49-a49f-5cf8-a27c-ece13007b50b", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:345f96dd-4b95-58d9-af47-7de34e23869f", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e628235f-3669-5dd5-acab-520206aefddb", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0c5db6df-78da-5ac4-9b7f-ef0e7928e65b", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a6a3a09c-d2f3-5c19-889f-7d156109d94f", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d89d5314-4ea7-5119-9baf-62c002351a6f", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:229fb4c8-5f19-5b98-b071-68c3a3c12611", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1772c6be-ce98-5ab7-ba8e-be7b1b726e41", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b5e879f7-8401-5a14-8a13-de6414bfb2f5", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:00c71c46-37a3-5f77-bf39-e15a21f130c7", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:88491cde-b986-5c03-92d4-8e834a816731", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:642c6c9a-79b3-52c9-9f49-8be0e0b7e16a", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:68a65ce5-854a-5237-8c53-94cdce14fc17", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:43f14f5c-1961-558d-bf72-fbab250c07f0", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a788add2-df1e-50fc-861c-742825608740", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b04093c3-796e-56bb-b047-3556aaeef2d4", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bbc1fce6-8927-5cd4-9e17-de2f2444d4dd", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.100-tuxcare.6" } ] }