{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0946750c-16e1-5527-9934-a8c7091790a4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util-scan", "version": "9.0.50-tuxcare.8", "purl": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0358fe61-56bd-58d1-89d4-21035fef38bc", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:b2f6357a-6a08-5b17-93fe-754763a0931c", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:ed0be696-d1cb-5fa2-84d8-6d9c5d1c4ffb", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:5098f2d0-442f-5171-bb97-70cf55f8d7c1", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:3e563d88-28cd-5c36-9646-a7ec6644e907", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:dd24f754-3760-527c-9e40-f437ae80c825", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:8abd1549-1567-5b3b-a390-2b5852b9e8f7", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c7562775-6d47-5eec-93a4-91373fddaf29", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c402aa5d-1e13-514c-99cf-65d5c9197c2d", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6a6de8a2-8404-571a-a840-e2caa10fcc76", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:d5727167-7c13-56ba-b5f8-fecaa0ec56a6", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:86b40504-8461-559d-989e-6722c3b60ed6", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:7976629f-61d2-5319-b153-edf3fe58bee1", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:4e508c1b-e6fb-5770-9a0f-f06214437a10", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:4bddedf9-529f-5b44-b1ec-e2f5c109e23c", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:55242ed4-6ee9-5769-95b3-1d4f7120c383", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e665e286-f209-5538-95ef-272ce3c83758", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f441350f-4d8e-57cc-9b4e-d5a3f9045270", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:eedc2c75-f1b6-5bc8-9a2d-2f142bf06492", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:42331310-81d4-50af-9387-9c0483e2bd14", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:9f71c77e-5902-5f60-88e2-aeb6da498dc6", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:4ad161a5-1acf-5c83-9861-1f1eb6a51ee2", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:df405fea-aea1-5f09-a306-10997feba980", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:35140013-eedf-59b7-8e88-b3ae327442c6", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:300b2013-1009-528f-9ec0-a9367f9fafd9", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:eab1d4ef-97b6-57ad-bae9-ab90367f9f7b", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:8a7740a4-1525-5f59-9b28-3ba6a0d7fead", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:91362b62-a2cd-5a24-a52a-d12e2d30cdf9", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:30549fd5-e96b-5e27-8ff0-8a0f19d26659", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:5070ab65-f494-5401-9d7a-935c530b3b78", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6f108430-64b1-516b-941f-3af2057f0978", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:d17f2d40-39db-56c1-a8c9-95287343ee03", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:ece90289-9536-53c2-b75e-8aaaedc62c84", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0b90a43f-ab09-5da9-966a-4bd6d83b1942", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f114e84e-bc19-5a92-a7bb-b7334be978f6", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:23242624-8ba9-5366-95c2-ed7dab1993af", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:90ae4636-0c3f-55ee-a78e-73b87f1ea6ba", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:98af7377-f27c-5aa5-85fb-3ba3abd06d3f", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:984d98bc-406e-54ed-8625-099fbf7d02dd", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:fdc18d77-5e74-532d-8bc9-673731720d8f", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6579f945-233c-53e2-ad69-34b9bd66647d", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:23c826b5-ceb8-5056-9681-ee9088f1e089", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:1b5fb769-3d42-57c5-bf8b-848934e57263", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:86b83fef-cdf2-5644-8371-8287f95a2a78", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:dcad2e17-010f-57d5-b44e-d3899ae50c3c", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:2291a223-3a32-567e-a92e-9451dc789ee6", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e96b2616-6322-5ff4-a4c5-301593dd48df", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:5a2703c7-dbbb-516d-9cb9-e0993f577896", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c5ac56f5-112a-5c29-a1f5-954792112289", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:00ee8453-af01-5206-a342-ec4d7532893b", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.50-tuxcare.8" } ] }