{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:df708570-30b4-5c3d-b5e9-57bd1843077c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util-scan", "version": "9.0.75-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:22f5f45d-d1ac-5132-a1b1-76ce83dd8c14", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2415d1b1-5cee-5238-a99c-28f101c1e5eb", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:09916aca-4b70-55f7-96cc-45b8906a655b", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:59b31e6e-df67-509b-94be-14e9b395c88a", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:15823836-2a58-5a84-9e84-31e147e480eb", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f1a74217-533a-51f6-9b85-630007a3d918", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cb9d4291-3239-5185-8420-4310543ef3af", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:038cc37d-e9d9-5cc2-b2cc-700853c1bdd4", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe3e7c03-f22d-5120-bf21-254f927de245", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9474a7c4-9f25-5688-a774-a6760ea0d5ee", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c5a042e6-8157-55e5-a9da-34182dce2c4a", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c6cba2e5-a5a5-5d15-934b-667138d94a5c", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37aa879f-eba6-58d1-a246-78a689610924", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1821cc16-3946-5b17-a367-43a0cf1f2235", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:788b157c-40c0-5c35-a196-c83daf04b636", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d7a9ad54-f3fe-552d-b15f-f0876f0b4871", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:470f0a05-50f5-54e5-b433-601ac7486537", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d76a5a4-ea1e-5f41-9c22-542ce8f2c172", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b68ceac1-f9a7-546f-a911-ebcbd12f7afb", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1fde96fe-d5b3-5606-8ffb-0a3094b04a83", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6cd86953-35ba-5758-9566-d4b1d6f1f042", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:178908d4-3ada-53dc-9020-38608ab6c72e", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:21b10e74-48c9-57b5-9bf7-7299b48e5d7b", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:16983d8f-8c13-5ae8-b198-54449004c1ac", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:12ea2f15-b943-58c0-91ae-350d897202e0", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c45d370f-9f03-5613-902b-2ac58433b219", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7e396c7e-76ba-5f57-975a-bd391bd008c7", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0ea7868a-88a5-521f-8a9e-aa52d236ddfe", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a67b5a18-bc1b-5d20-8da5-cc0703612a82", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9e1a3c1b-35e9-53ac-86e6-93403b71a1f3", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:349cd0b7-dd00-5619-9fcd-c32411074f13", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eeeef4fe-2ad4-537f-86a8-18b2722fa75f", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:54bf4dbb-623c-5570-9d77-4f8cd2fd984d", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a2cb2123-b7cc-5d78-8708-15426248352e", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed7177d6-d463-5ffe-9a84-43a81adf8f9f", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9639751b-976b-5061-b2c4-77d8c52d0882", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c5f21906-a1c4-55ee-9698-1fd32f7793a4", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:794f8b4e-ce7d-52ab-be63-b3b1455b6cef", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0a8fa103-23e4-52e0-b052-66425ea9f00b", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:97464925-9803-542e-922a-d780f536d8a5", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c78e522c-8711-541e-9620-abd2eaa319a4", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fed596d5-7aac-5131-83f5-1b374cb8aa1a", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:971680e5-5afb-5f33-9f41-f6485c5e2e1e", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab070bfa-ae09-5315-9abc-66aa6a489d8e", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f2f53014-71fc-552d-be84-8e60c49772a1", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.75-tuxcare.4" } ] }