{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8743fdb9-50e0-55bb-addf-93c507ac417e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9", "type": "library", "group": "org.apache.tomcat", "name": "tomcat", "version": "9.0.50-tuxcare.9", "purl": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:016f91d5-31fd-5509-a897-b4c632970587", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:58ad508f-7b02-5599-8b1b-13f09d055a53", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:ba1fe5aa-c87c-5dc0-9aff-c734a1cac359", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:7913d30c-87b2-5e6b-99ab-aa0a6357996f", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:4f8c2dbf-b3e0-5e84-9bf2-9413e1c3fb3a", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:2d66fb76-b4ff-5763-bce0-0f9ecbd7678e", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:74cbbdd9-6340-59cc-8d03-4abf8a08dab6", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:22a04f3e-616c-545b-9a18-94f67c2c5dd4", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:9a80b2e1-2b66-594a-b3a5-f256c9c03d03", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:f5813155-b72f-5442-b193-d04a4446a98f", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:4f1c9dd0-8656-50ca-b24c-fcf85b2cd041", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:b16ac03b-8cb0-549d-bccb-1c6831b748ba", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:a4dcee12-4515-55e0-9c46-016bb64940c2", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:aecba63e-a764-5f8e-8b7c-63ff6b916d7d", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:0417e3e8-16c2-51e2-ba39-d87e7e18b6bd", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:7a3855d4-cb5e-58b0-8ec7-0488d4bdf2e7", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:776a4d98-82f6-5963-bb34-a2ec08d89dfe", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:ba86e5b3-2cbd-5907-bf2f-bdb595060a60", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:7dc3ef55-0918-558a-8047-bc6ca3dc02c1", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:d089ab31-db99-534a-9e22-233fd62888dc", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:756ff6ee-673e-5c81-8106-f5b0f1d820f5", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:27a3563c-d2d7-5ade-8016-e4688720e569", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:a32a4a03-65b6-5bee-8001-945532cda2a5", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:0e2c55a1-c52e-5d74-8df5-b702eb85e1a2", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:f499db1e-3107-5eaa-8a15-6bc0eb964114", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:39ac3912-f93d-5eca-83bf-735527f0b105", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:d378f67b-d798-5da9-b8b0-377ba5ac2f3c", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:69d8b2fe-fe01-5c6e-b2c7-5e02c2a57cb0", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:5fa57b1b-30ee-5c06-87f5-96e6d53088ce", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:b90c9477-e551-5af4-a50c-47d1bb780d69", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:35376332-af2d-504e-91cf-a9a706cc302f", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:e7bb0f60-e20e-50c3-811e-f318960b5e3f", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:cc57abb4-ebbb-5a30-8a16-a5f493218324", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:3943ba6b-0b1a-5bcf-9ed8-a813e8d1c592", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:741139bf-7b85-5480-a10e-49fe51b366a7", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:4c6a3840-9e25-5dd7-b297-91052d9f2c80", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:3fbcfebc-7622-520b-ae37-babc300e9ac9", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:19c2b48b-1f1d-53d1-aec6-28568e608591", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:493757e9-6821-5862-bc27-d4433a3f1004", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:116638d0-893a-5dd7-870c-215845a5c0c2", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:ace928e2-f1b6-5047-bf8b-8b3d8b2913c2", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:f2431ff9-e867-5690-88ae-67ca7832795c", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:062d39d6-7610-5b17-8afc-0f28cdf8456f", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:64802c24-ccbe-5542-b1d3-0448e34097c2", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:5651fea0-72c6-59bd-b19b-ec20f892f04d", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:7117017c-ff64-54b4-8537-ac6f81d09e8f", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:7b3b86fc-05b2-5721-bb92-7fa14e798bbc", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:44f4ed3a-2619-52f8-a24e-9f0625144f31", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:859e89d7-c5a5-532f-8010-1b1d11efe6cd", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:1677888f-c1ff-5014-86b4-6ef51f1396c4", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:59ff90eb-25d8-5a23-8c09-debfb07e536b", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@9.0.50-tuxcare.9" } ] }