{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d54ba357-f233-5875-a977-c16899514efe", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util-scan", "version": "9.0.50-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:15ea2dc5-6bdf-5c92-a05b-6adb79d1b88b", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e4591a02-cf13-57bd-8cbf-c290052c879a", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b0fd8d03-209f-537c-9f67-26c28f6baaaa", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:76e2595c-e1e3-5650-83b7-31f05b71264f", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8f150e72-1935-56b4-983a-3200b800fd76", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:60ae4eba-9ce6-50c8-99e4-c7b37dfac436", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:50a03871-0350-5cbf-a366-7477c5b19d54", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a5a5e780-b93f-55ea-8124-d2ec64cb4b49", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:70f31b4b-b9fc-5382-94f2-1aa99335dcc5", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:286d5768-afe3-5652-9c3a-57978c62aa17", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8ec25afe-1805-5143-a6d6-b67cd5a50252", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d3a81f53-e3f1-5240-9bbc-6197d9cd4b6b", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0797c951-d6c3-5df5-8371-800b3c383124", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:55b0ac73-4329-5929-8c9c-86063e0e54b4", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0d99335d-e53c-50a0-9e15-8dc51ce3d612", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6cafc64f-c650-55c2-868f-1c2c2e1ee69a", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c44e5312-aa98-568b-9178-26676ba94338", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a01543ba-968d-5079-bffe-a59cc412c355", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a92937bc-da9c-521e-b562-9644e5121331", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6a2ca4d0-8c83-5d4e-abab-1fb9eb29b5c0", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3bc00bfb-dd5c-593b-8f7a-9f5e4c157541", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:83484bc9-6fd3-5554-8606-9e958f7fe3a0", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4efd32f5-fb9c-576f-8f4d-aa3a9b3469c2", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:016036d9-a638-5226-b327-80fb9e49c6ed", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7e5564a6-3b9e-5538-bea0-f4229d8360cb", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:63d3f6f4-f7f0-55b3-ae6f-d45965f04cb3", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:dcf8f676-191c-538c-aa81-aa1a8389fc25", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6c0fb3ac-6191-57be-b8e6-a1be50677336", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:366322c2-09b9-5e0d-9f40-d2d07229f940", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:10b99954-c590-5c4e-98e3-2c347691b5c0", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:58c42e86-5cb3-5b99-8cfa-10bcdfbfb91a", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6a5a1ef2-bfb1-5507-9017-31f5627d6a4a", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b8a42d57-d69c-53d0-a86c-d87ce1aa4163", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3569224d-ec9b-5039-a253-6302eb75a0c4", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a08757b7-605b-5f4e-86ba-358c9d362234", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:19c04e6f-c994-5502-be92-d452f2dac7f6", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0dd873cb-ccc4-50dc-8b32-0e38fe29b875", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:87308a26-4e57-54b6-892d-dfccfd27086d", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:56a3054a-8a22-57c3-b641-228174a18eed", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ebe5701a-d493-52d4-95f3-dbd9c0c9cb82", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5cf92e20-db75-518c-80c9-9c0731dc0560", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3a005842-c376-5c05-a9e2-ee6b31cf20c7", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:302e4d8f-79ad-579d-817a-35c6e291f903", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8d155114-c2f5-5693-8020-3710765aa180", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0ee29c57-b628-5a83-9f74-81f2b8db529d", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a74d9d63-b0e6-566c-9d84-9f00237b36d0", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e8be7e56-114e-5cf7-addd-730b2cfacfd2", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:20d9f95d-427a-557b-8079-160b5760b300", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:46d2bd05-a446-5d48-b073-4e0ab96c203c", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:47ce0710-afb2-509d-826f-63995d2fc19f", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.6" } ] }