{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9a5806da-9481-56f4-aa13-2570a1dd9ace", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-juli", "version": "9.0.46-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d8bb03b9-1934-5b12-8c14-7e424df30908", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a96a6ab9-3874-5e31-b6cb-011c06e07270", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4ca9c939-500a-59dd-adfa-099cf8bfaa48", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9aea9cf0-ff5a-5d42-a959-221a0cc6d789", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:da37ca58-6cd5-5a40-ab48-ed725fc2e00e", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9194b80b-e713-5f25-8b89-816df1ec29fc", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8f61babf-1344-58a1-b46c-4228febc5d54", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:19b62177-d18c-5d1b-aa58-be301068b860", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c138c6c0-bd12-5d0a-858b-a5e1401e90dc", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ac6c8a56-0b78-5a11-8d22-b31d8618eece", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9cacb022-aa29-5e49-8fb3-74828a4e45a6", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:48a3c650-7b40-5f3d-a41e-c6edda913eaf", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b40710d5-fd66-5fe5-ab0f-7ff707eaf64a", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d91a99e3-9580-52cb-954a-c9a73b8f4eb8", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8a04b18e-a260-52d4-beac-42cc76fd7289", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7afc118d-3fa4-564a-9740-b52a6ff99d00", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6e01e705-dcfe-5c27-929e-38ce7973d939", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:610baffe-f761-5393-9d30-b0c721434a56", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3f99f9bd-0f4f-581e-ae3b-192cdf7bc146", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f8b261d1-4299-534d-9fe3-fdbe7f0275f3", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8fbdd840-933a-56c8-b00a-11d5ada615c4", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c9bf20cf-2222-5acd-a855-9197d3cda5f7", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:553109a0-13c9-5355-8c0f-fdeae9a3c775", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6de8b902-b2a1-5b40-b937-a00a25ebed2f", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a97395b0-38a9-5818-8480-a791cfa50ba9", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:19ba01a1-6708-5c10-a3af-0fc5a080f253", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0bac4af2-95c3-5e3b-b813-cf2b619325ce", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b38ae16d-5bdf-5c16-b62d-d62eaab87444", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:52432ec1-4ccc-57c5-839a-1b65743cefab", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1af4ca48-1688-509f-b7c3-782344ecc419", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ef8fb3c9-3957-5d30-b658-a66faa4adc8b", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b1ef81eb-6fe2-5f58-b1f3-b3583bccf352", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a581c452-d5af-5039-9231-567bd0010f36", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:917b0805-4123-59f1-8271-df798ebefe67", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ed493d53-61e4-548d-b203-891eeaad093a", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c0efdd40-82b3-531b-b76b-b0c5710a518a", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a5a77e5b-2537-546a-b117-396801b52436", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bd1f39ba-a78a-5e33-9d41-7c42163ee9fc", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bc03c23f-9401-5215-ac20-c73604e25a00", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6143e21a-0a41-5e8d-9f29-dd8733407d70", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a3ae7122-2e2a-5347-82c8-1f6523807f6f", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6c5c2394-db8f-5bb5-8b0c-d3edea9dbf4e", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8474806a-e0b5-5ce3-b500-5b94a216ca05", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fbedc7c0-c039-5404-ae38-7fe57677a719", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:71ecff39-2489-5b9e-aeb5-f4d73a73275b", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d3cf23a9-2bf3-5b13-b671-5846e6132bc0", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4ed099aa-7784-5b30-913c-b17236f835f4", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b2287a7e-bb91-5d09-9cfb-21bb74f2f6c0", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3992ee57-da71-53ce-a74e-cec52a9087d6", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0fdcbdcf-c19e-5f3f-91e0-6817dcc9c6f0", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a65c3b48-3260-5574-965c-d3879abd6688", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2989b950-0237-5662-8550-2ed3c3f2f316", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.6 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.46-tuxcare.6" } ] }