{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:50f0c2c6-7758-523f-9f1c-963a154bc4ba", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jaspic-api", "version": "9.0.100-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e7af3a15-b031-5421-ab56-75e1de9b3318", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:efebacab-7c09-5234-846a-755bbbb9b9c8", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fccff869-9916-52e6-ae70-8d50c7fa0a02", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:94ff9836-23db-55de-a008-561197d84f26", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:396f96d3-ffdb-5fc6-9dff-627359749cca", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7ab41b35-05e1-59e8-9a5f-e9c4c6341f3e", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a44249f3-95d7-5b79-9c62-6270cd173a43", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:317d2425-dbec-5909-88b2-97d18f62c7a5", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:67fd8208-db50-5a7c-9637-1364f43fff26", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cdeea551-8ac3-5a19-b791-972a48ef0a17", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:28698067-5b60-55f9-855b-31fa7108e16b", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5a89dcaa-c04d-5ae0-ba60-8ea903e2ed8a", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a611f50c-165b-544d-9ec2-bc87d7667b00", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:dde09dea-49ae-5b67-b512-a1bf79abfc45", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:64d482a0-3491-519f-a57a-b0a34afd081e", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7d46248b-1934-5c3a-9553-f9bd3c5259c3", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8bc9f94e-ecc7-593e-960c-c981a754b7e0", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b376af5c-44b2-5275-9012-c0ca580dabf8", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3f7371a2-863d-52a7-87a0-766211495839", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4eeccf22-39e0-5b25-ac81-4f88d54fcc15", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b4e63f24-3442-5a87-a13f-97a016381d0f", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:27d49e10-0037-574a-95c5-edeb2d37c53e", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7e243880-e190-5436-a2ec-0530a9adaedc", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ac4a1d90-74a2-5bf7-9270-226914a509eb", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:eb394032-9831-56bc-b1fe-52c392d9d390", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:08e8f459-1bee-5607-8acf-43e4b0717b27", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:86bbba22-1d08-5575-b3fd-1e73c28d028d", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b8425d8a-999f-5400-99fd-59bdcb21c40c", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:13ae7a5b-98e2-50d5-b629-40c54d84264c", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:aab5ea7d-270e-5a45-bb05-1dd213040fcd", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d2cd9135-6836-569a-9b98-48a8dd9cc520", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:93e78205-0a65-560e-a7d5-67d808517492", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f2a8741c-63c5-5c64-acaa-d46a14c104fb", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fe7e5967-5f74-5e3f-b855-135b9bb41cfe", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3bfc2e29-c981-5cec-84ee-e5df2cbe8d2c", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ae52eb05-a9a7-58cd-84ca-aa7e491ade87", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3136b125-708c-5b49-aca3-98487bf61301", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@9.0.100-tuxcare.6" } ] }