{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d7840008-554a-5706-b307-cf6172204fd8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-servlet-api", "version": "9.0.100-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a39c8f2b-b8a4-50d4-b788-c7436b167806", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:aac725c5-e18d-5c9c-b119-44a3184e99d1", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b64215f1-2fd7-5247-9ae2-cef2e95265d1", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bd481f2d-cc35-558c-87b1-9375b9a2b590", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:08900894-31f8-5528-abd0-0f2ca239e158", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:063e7c6d-1079-5782-9a8b-4d5553deabc7", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c0751284-c559-5318-8f07-ed693e51a295", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:58aab8f7-28ea-5e13-8a09-4cd278dff07c", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:153077b6-a038-53b4-b420-e9cbd16bcd3f", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a2095b36-fe56-5ace-8267-0990a1033eb5", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bb838899-13e0-55a4-b517-8da27389aa22", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0029c5d5-f7a4-5dcb-a3c4-00810e1b2892", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3a1545ba-3e0a-5530-852a-19dc8b3f519c", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:10e56327-1eb4-53be-b740-f1e147d7878b", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:503e6530-5fee-5155-8539-3bacf110326c", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0b68c6f1-3f83-552e-8ff9-b9fdb7199a31", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ce6dbdae-ec7c-580b-b57b-09942dc9e476", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:36805c26-897f-5073-aa85-e2b55c2c7aba", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0cb9da9a-7614-587b-b4d0-4b72301efac4", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b9da0d13-fa8f-53da-8cd2-28069035ab0a", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b7db3d60-086a-59bd-87bd-9026bfe92744", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bb27196a-0200-5763-8903-4e2db1b74bd6", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:02db0d23-d7f0-52bc-88ed-ac9bbd06cfdf", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5beb4c15-4a6d-5646-899d-600d05b022f1", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e38772d5-f5f3-51ff-9507-74d6c0b43648", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:45b38fc6-66b0-5a60-981a-2483e9adcf7c", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ff6bd679-3961-514a-a1f2-347b556a1386", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3880b6ae-e84f-540e-aed8-95082a1cdcc1", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ef3cab49-7773-5463-94b6-405022732442", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5b942638-e888-5302-a144-b84b5f30e74e", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cbad9dfe-9724-5286-8aa3-3d61d166a085", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b7f4b599-1c96-52de-968a-a14f259d52a1", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ee583885-c49a-5a95-84d9-b679524c5cb9", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:918ebf5b-e29a-5610-94c8-90136f2e920e", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ea70e728-919a-535b-97a3-04c85f11c08e", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d39811eb-79b6-56a0-936f-c96e71b30a1e", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:448d44b9-9e61-586c-94ee-5d21ce753e3a", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@9.0.100-tuxcare.6" } ] }