{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cf20170e-adb0-5264-8125-8d39b3c4935e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util-scan", "version": "9.0.50-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:12cb391e-79ac-5096-bab6-94fcc6ba0e29", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:11c27589-6d2d-5558-875d-e2a3128f3462", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c95fe835-d2d5-5878-97bc-9781c6acf6b5", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c6cf162f-5e39-5de5-984f-bbb2e9ae8d56", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d468b128-2682-52bd-acb8-8d714c20b514", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:61f5087b-1466-5c49-8cb3-6e5858350b15", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:207a3dac-4a44-59ce-b488-53ba19ab121c", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a0935cbe-ace9-5053-9f70-be20a977bed5", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:224d630b-cada-530d-bc43-1381fa095eab", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8e0a7816-b744-509b-94bf-06be459b8025", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff8e4ef1-98dc-5506-8508-bbccd072ae77", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8baa2fdc-0eac-5a8e-aa66-af8b5cbc9e72", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:447fd968-098c-59b2-818e-5a48b436465c", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:00865c25-57e9-5159-b688-7a0f0053c517", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37d78339-580a-5718-be22-1d712a589208", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7f8e6d5b-5f56-56c1-a558-86d8d3e6cf0c", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6a0d48b9-01a5-503b-b295-531a68186a26", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0233c5a1-68b4-5522-b975-494c5cbb6f57", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:95254ef7-7e21-53d8-866e-0fd1e3b0db1b", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:174b1ea1-2f12-5a8e-ac82-affd3737550f", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:00e24f75-37ff-5dd1-b3e7-83f5193d93af", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d88460ac-799c-564b-9dfc-633c7801cf00", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:28dd0fb1-fac1-59c6-81e8-05b0a9093625", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b2594cd-c51c-58eb-aaff-68b222d62f92", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e5c19b8-40fa-5f00-aa82-9078187d5edc", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6b00ecec-185d-56c3-94ef-45c85c4c2f32", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db43b00f-cfad-5685-9222-3ed8535a01ac", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2ebb3182-76ed-52e0-92d3-450333de18a9", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:157e3f3b-4833-5c87-8035-c158d4ac77c1", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dd73ab52-260e-5011-84e8-3bef69290f32", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f992faa7-8d81-504b-9a38-53863d5168ef", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1d1ca752-78a2-51c7-b4aa-8ec3b69cc63d", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96681e36-3393-58b5-81a9-a86cbf8b9c14", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a19c1617-2d94-5686-a554-979e71a1f3e4", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a7f84683-7af0-5687-bb2b-09fbbbd68361", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:72032cfa-dd04-54a4-b167-958341cb71f5", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df425b20-4ba1-5c0e-be04-8d0104054ccb", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:577fca00-4d09-5dab-a190-b36f91d07cbd", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e950d650-06e2-54c0-8b83-96cf5e8bb324", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26e6b0db-bee8-5161-b674-5d7ba5b802a3", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d2e0376-3a1a-56b3-9358-4dfd52b410b3", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dcbd0aeb-cb02-5725-b548-b57f2aacadb8", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f3a1e843-1c8d-58d8-a658-52f2936f907c", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:996f00cf-e6e2-5639-b256-1a494ce5aaf7", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a604bb8f-37a2-5de7-86b2-40795202e641", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:08b15788-d63a-557f-984b-a1d3ea8245ce", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:84a3f5ac-acce-527a-99a1-7cce961f245c", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d02eee3-8c9d-5fd4-9bed-20c1361518cb", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:61379d19-e7f5-580c-92ba-acdc95ec147a", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f9a98fa0-fc1e-55c7-8a11-d674211a3b21", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.4" } ] }