{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:045117d8-866f-5338-9966-e07bbee8f626", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util-scan", "version": "9.0.100-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:da595c1a-6b5d-5f7d-a334-343f50c9e175", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:131eb7eb-cefc-5eb8-95d4-e64a74001426", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d20e976-3584-530f-b18e-c80fa4571c1e", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c18f4373-a33f-5a92-af86-5fbb552a724b", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8a2730d-eef2-5b3f-b78e-d63af1f7573a", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4dfe5637-2ae1-5269-8b33-1e794898b1ab", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32738c57-18b5-5978-ba91-057f6c417c59", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c521205-e6b0-5fb3-935f-6feb31e9d81e", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b14820eb-7ac0-5c4d-8164-7cc59050668a", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78db6136-54ec-56ca-895b-9776211fe17c", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea40c10b-5be5-59da-a030-58e1dd8ce1e2", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e8b017b-590e-5153-a165-272fddd4ee27", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3dc7bf83-e601-5c8c-8e5e-72f5617b2202", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b0ec308-d3e1-54d9-8f89-00b5fd171fb1", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1f7132a-294a-5e28-a4b8-07cf4c727f9b", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c0b6853-62cf-57e7-bf50-96ddbd9aa1b3", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3db58123-ba38-5a4a-9539-11eab8de9fbb", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2207ca1d-e3f9-5428-b534-3cf171241a93", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:024a4813-d534-5cb2-87bc-62f773dcefbb", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab90c694-3de5-5ab0-8657-aefdb5ec69d5", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:198fc4d7-0926-5176-a80e-259715bbc7ca", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48056e33-f66f-5b4d-85ff-6ac241cc7f1c", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7736699-487d-52f7-a318-230db931c58c", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b8d5619-5534-596a-90b8-3b5b147362d0", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7cc8e1e-a25d-5d85-b5ab-386160ed81c0", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae80a6bd-3604-5bf2-9c6f-f31e4bd55fdc", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd6f7769-143e-58bd-bef7-c25c89ba9fbb", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a487d3af-8713-5b7b-8504-48185df11841", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f34c22dd-e695-5aee-beb9-d17199fc862e", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d2d0c66-bdfe-50c2-adda-952eb67f7416", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d79c5675-5bf1-528e-ab8e-ff5505199f5d", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a59ab0f-1038-5326-bd2c-67e9b1f685ba", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02a7a454-f685-59e3-89ba-3d87a079047c", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:535e0cfd-03dd-56b7-85d8-f90a32e946b8", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:368c0da8-99a4-5cb5-8216-a1bb90937905", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb3c4244-b435-54ac-878c-9c3123c83025", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.2" } ] }