{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:64c04c40-f40f-5610-9b7d-ea06c71a99d7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util-scan", "version": "9.0.50-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:35b278e5-78e4-5d4b-ac94-2ba0554b9d82", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83f3a6dd-7fed-5485-b2d6-44b03bcda63e", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f49c03e-9b07-597e-8d4e-51b0645bfdd8", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4772f044-d7b1-5ec8-8f42-e0109b332c37", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52ad8ae0-4c24-5c72-8e11-f95b6c6870d2", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdbc2c8f-4e12-5c8d-a000-1213a9643d1e", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22249098-d74f-5ad1-9f15-aeda2583300d", "id": "CVE-2021-43980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43980 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f1fde60-9121-53e6-b8e5-1a7efb376c66", "id": "CVE-2022-23181", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23181 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac72b714-a6fc-516a-b9b8-3ddd0a2ba41d", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a849c8a-a402-507e-b41b-2cd9b0726372", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b10514b-91b9-52f3-a2c8-ae080051809f", "id": "CVE-2022-42252", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-42252 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:978824a5-9f8b-5ffc-a700-1e6cb002b1e4", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc9e7ef5-981b-57aa-b035-07863a9bacaa", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91e61f76-a062-55e5-ab21-e607aafb235b", "id": "CVE-2023-28708", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-28708 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ebadc77-5f6b-568f-8ce9-b6b6e7b9586b", "id": "CVE-2023-41080", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41080 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e8446e6-595a-575b-bc3f-e651f9116c83", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2954bf6e-03ea-5b8b-a71a-350aee1cc318", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6bad7a87-a6ce-52f7-8c82-4092c0123977", "id": "CVE-2023-45648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-45648 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b60e6eb-632d-539a-8542-256dd7c9d690", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2581fca1-2e35-5bdc-ac8d-fdffa332205e", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:334a5cd0-2ae6-531d-867a-a5ec6d7fc73f", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:848e3b21-f754-56e6-8a37-b06748c1a90f", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:981db8b4-b8f6-5bfc-a133-9d5038e04a0d", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01a6e757-071c-57d6-9e9c-e6a7f737f477", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7be8bc20-b7ac-5243-96d1-4cccc2f7e680", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd4e6662-da44-53d3-906c-74d2d061ede8", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af7b53a7-49c4-5146-a5d9-224deafec8ba", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1cb473c-51ad-5fd9-a1ca-67affe005672", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ebef3e9b-a63c-52cd-bed9-d95a9e247af3", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea0f5949-ebdc-55b9-94ad-b78a98a5756c", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c07bcf86-1981-544c-8535-65c67e9d8029", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e170c94a-1313-5405-ac9e-8ed647533361", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aaa2c063-b415-5bde-b8d2-6320bfcbe966", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9481d055-3cb9-5fcb-a618-6edcc6ed0037", "id": "CVE-2025-49124", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49124 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:456068d0-0af9-51b4-9d44-870fd527bb1b", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0d401fb-ba54-54ed-bbb5-13a2ac0af4e2", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96905e77-b7b4-5bbd-a8e6-126fe170d6db", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67aea0c9-f8fd-51b6-9bf4-e9bc9f7eb093", "id": "CVE-2025-53506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-53506 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a528f5d7-e204-559c-81f3-78eea2ae589f", "id": "CVE-2025-55668", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55668 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8ceb76d-f933-5dcc-93e3-e8ae9cb27363", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6438440a-0d92-5f6a-995a-175ee9585275", "id": "CVE-2025-55754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55754 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fbf9af0-849f-5b6b-bc11-2b600e1b4d77", "id": "CVE-2025-61795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-61795 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d17f40a-b50e-59d0-9d73-b584cc57327e", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de69ea6a-eba2-5606-9fe2-08ee19ea264c", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74da2de7-343a-5462-9899-8a0bfbf0322c", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:847c19dd-bc37-574d-9399-b35da14c1993", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d649a81-1142-52ac-a284-3a4da2f8ea82", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db8b7b64-0406-5a26-a6c0-0a612627bf54", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67f24cab-bca0-576f-a796-70972e190b13", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f243abc-b281-54d2-9751-3510b4fc17fa", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.1" } ] }