{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:91191b50-d3c7-52c2-aa5f-0b46ce34816a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-coyote", "version": "7.0.109-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:24bef86d-d416-55f2-b5a1-525b7c451af5", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78079961-0c4d-5b94-8559-72b7547b4a99", "id": "CVE-2015-5174", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5174 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39f414d9-c44f-55da-b032-effd6b008a6f", "id": "CVE-2015-5346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5346 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:709d2d6c-9388-5c8d-bcd1-8b8bc5d7a931", "id": "CVE-2016-0706", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0706 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fa42c58-828a-573b-b21b-cc325230ac79", "id": "CVE-2016-0762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0762 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:070661b6-ab25-5bf4-8cfb-7e37e57ffb7f", "id": "CVE-2016-0763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0763 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f862bab4-d9b6-5cf6-8e83-c17fe5af5f48", "id": "CVE-2016-5018", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5018 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9adf6445-332f-5b26-946d-73fc4db1eef4", "id": "CVE-2016-6794", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6794 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ffae192-bc25-572b-aee8-a5cbacea2469", "id": "CVE-2016-6796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6796 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5ebce1b-c66e-561b-bfcf-ad52dd7222b7", "id": "CVE-2016-6797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6797 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5871a81-b4b6-5306-ab2b-ab4751c241de", "id": "CVE-2016-6816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6816 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f61662ad-5a1c-52c3-8c11-05c67b8b1d95", "id": "CVE-2016-6817", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6817 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c20d7430-1f6e-57bc-b17f-dd71c465adc9", "id": "CVE-2016-8745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8745 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbf3224e-6d3f-522b-84e8-4be03d324cce", "id": "CVE-2016-8747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8747 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28e81e7a-0e44-5f20-988e-fd1e1a46c35f", "id": "CVE-2017-12617", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12617 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d8d9b6f-f8e4-5e74-b2c4-d72557a46fb1", "id": "CVE-2017-5647", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5647 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d051a5b-3e10-5440-87a8-ec680e3382d1", "id": "CVE-2017-5648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5648 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf9341d3-78de-553e-83c2-922b1f4af369", "id": "CVE-2017-5650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5650 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5fff0007-62c5-520b-9ddb-6945fde2e5fe", "id": "CVE-2017-5651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5651 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35f7ab2b-ed07-542d-b939-1dc775f40010", "id": "CVE-2017-5664", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5664 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:857a7f73-05c1-5a2e-9186-684028efd3f1", "id": "CVE-2017-7674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7674 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21a46555-9e85-5c21-8b57-365c4e9a69d6", "id": "CVE-2017-7675", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7675 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38e8d380-725f-5e61-b54f-ed789b086b4d", "id": "CVE-2018-1304", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1304 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:214eae0f-449b-5b74-bb40-16a005ad5609", "id": "CVE-2018-1305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1305 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc8992d9-93fd-5ba9-94c0-43f3748a9731", "id": "CVE-2018-1336", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1336 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:676b4dac-082d-5963-b1dc-ce1f76798daf", "id": "CVE-2018-8014", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8014 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:931976aa-4f2d-5a58-9de7-1f0efa3806ec", "id": "CVE-2018-8034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8034 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f3f9bf7-bfcf-526f-a99e-391dfb8945db", "id": "CVE-2019-12418", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-12418 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a03d7f38-441f-57b9-be66-4640bad3f58e", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15529a06-e5b5-5acd-a7e6-0736b46b66cd", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c485a3a5-7d3c-51e2-941b-d9e814e4588f", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b917ec50-d5b6-570a-8753-21a3a7d98691", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e316c1a-8b07-5656-9e9d-2713b31be899", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:945cbe52-7970-5b7d-b573-668aa0e779ba", "id": "CVE-2021-30639", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-30639 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f9d3568-3854-5b1d-8d7f-685240d8659a", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4195609-3035-51d7-8e2e-06f9444d24c0", "id": "CVE-2022-23181", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23181 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b3b3805-331f-5801-8978-a6cf60e37589", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20fa46ff-bc0b-54a9-8ab2-130881cd8bb1", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c2cfe4f-fb4f-5cfa-80dc-f228313e3c8e", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5763d2e0-052d-566e-ade9-377cd233aae7", "id": "CVE-2024-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38286 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c1a80ba-69e3-5e6d-94d2-af0b13c21f0b", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a90f2493-d915-5913-87ee-3fe12c25acab", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:077081e3-3ee2-50c4-a8ec-d8d2df378d68", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5fafbef-c454-5917-bea4-eb016266f40c", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d70d753-6995-557e-ac38-03dcd456daaf", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea63168b-cd52-5d7e-a3ee-0c94b8131aa5", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c74489f2-793d-511f-a4a5-ee95a8f1a95b", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f0ead1c-4199-54cd-8bd5-2a50e859f9c2", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b79f8ecc-1b67-5547-b604-4b463de4173e", "id": "CVE-2026-29145", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-29145 does not affect version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote. The official CVE record (https://www.cve.org/CVERecord?id=CVE-2026-29145) limits the affected versions to Apache Tomcat 9.0.13\u20139.0.115, 10.1.0-M7\u201310.1.52, and 11.0.0-M1\u201311.0.18. Version 7.0.109 is not within any of these ranges" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c43168e7-88fd-50d6-884a-592df9a89477", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21ba8548-d818-56fc-9b7f-f281a6a578a2", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-coyote." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-coyote@7.0.109-tuxcare.1" } ] }