{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:544dae6a-e50d-5de3-b587-3716188f5004", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-tribes", "version": "9.0.90-tuxcare.7", "purl": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:aa441579-e657-58bc-9f3f-bf31aaeff241", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:67b588b9-9920-5ac6-aaa1-f756a0724055", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bfa85edb-eb99-5baa-943d-cc59cac418ad", "id": "CVE-2020-13943", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d80c1513-75f5-509d-b084-281910cd3cd1", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d8f9df75-bc58-5900-967f-1ebd8a097e40", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:dcc6cddb-b98a-5a6d-b6f0-8cb3d3829470", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:30395754-c410-50e2-8969-9dab12d6e615", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c550ac2c-a899-59bb-b16f-a34f617a963c", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:68cfead7-7c09-55cc-94f2-25051bc390c7", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3572bc19-6542-540e-9912-8f8e1641e915", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c2506fd3-640f-5df0-9b4b-6d70551425ed", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:eb76f3a3-b857-5d9b-94f3-5efb78380c2d", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fca493ba-98eb-58cb-9ca6-97e501f451a0", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6e1d43a6-cd3c-54ce-8331-b4850ebafc63", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:18f1f046-c38d-5100-aa3f-ee8eb31ed882", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:eef10bea-e085-5e09-99d4-f683c5331e45", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d8b19966-6a0d-5627-9b18-f6fe299eb6c0", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b93677cf-8f3f-5fdf-8b6d-ec296375e508", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a9be808f-d6c2-5d8b-8a17-1dd3d533f675", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5881cd40-ec71-5bcb-9e88-90c16ba46b51", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:620d3720-273f-5e04-8341-d3c04a9c7f45", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8ca75502-01b0-560f-aa49-09cbc4673c4a", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:55f7f4af-fb54-51d4-b625-f0cf6bf7c37b", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:82cc0a54-e0c4-5866-bee2-f322ae6cded2", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1e4bf832-8f59-5ab6-a4da-7511c1561060", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c8461d95-997b-54a7-bb9d-4746c2510db3", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:30cbb44b-ef1a-5ce0-a733-66e533a0f489", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5c0e004a-2a1d-53b2-ac13-87469e0e837d", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fc77ae69-e707-5f76-90ae-027274e28961", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3dff5225-045d-55f1-8cc1-e623f4596542", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:548e9447-c38c-5de7-b870-9dafb6047a85", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:190178d4-87ca-5229-939a-b744477fdb85", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:06ea9a82-b17a-58dc-b647-6b7927daacd2", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a80d4411-da47-5e38-9396-77f0c86cd70d", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a9a6cd95-1243-54d6-bf38-906857c5228d", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9d461e3f-3037-5250-98c7-d21047e94455", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:00c0f97d-702b-5449-98c6-9b3be18d84b8", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fa76bfbd-a425-5713-8f80-4dca6439d1f3", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bc03b35d-f15c-5207-8372-c13167eaf9e7", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4ffaf6f7-9606-5d16-8f5e-43239bce2ab6", "id": "CVE-2026-34487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34487 is fixed in version 9.0.90-tuxcare.7 of org.apache.tomcat:tomcat-tribes." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-tribes@9.0.90-tuxcare.7" } ] }