{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1ef37a19-7964-5a5f-9e0b-22c5f6287d91", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util-scan", "version": "9.0.87-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c7aada29-dbea-57e8-84fb-39a36387c6ce", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d77cd9fa-30de-5bac-92c2-bcff6ea9913a", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8b74f61-c2de-51fc-83a1-86cb2e0c1e36", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4e11416-5c74-5e87-86c2-5819f92ba162", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4436719d-2658-5a4e-9247-c522035015fe", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d9e3b62-c629-5fbd-a53f-80ff189db5b7", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18cff095-99d1-53cc-b311-3e8c547990d6", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3c184c8-5bb7-5075-a176-847a33cc02a4", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:803335ca-4230-5fab-8079-ca776d4e62f2", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53dcf8d6-1f6d-5d82-a984-aed61fd4952f", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13316698-55e5-51ac-b9cc-f3b55de8c335", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:162d8924-d66e-5da3-87d3-8742f6e3a95a", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ecbc98d6-e48d-5b92-8932-46cad9dd491d", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26dbe752-6e7d-530a-854b-520cf816a618", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8fcd10b-cd40-54a3-a578-182340fa0a0b", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55d67607-18e0-511d-9b83-e165a1698caa", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa7ed915-b39d-5084-95a0-1ccbd9fbd005", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9897f200-faf9-5eaf-97ed-d38fdd70db19", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df7601b8-d1f2-5732-a0ec-e7adbddeeebc", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25db6ce2-968b-5a71-b714-5e73cfc8a185", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:531e666e-4e5e-592f-9eb9-c30f75e9c648", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d8f5f9d-5606-53da-949e-8a0c8e3fef93", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69b8e123-6b80-5476-b874-79cd75dc336c", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be50b256-d05e-537e-9b6e-b0fbb8d04791", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f369f685-557c-5819-9fb6-e6917a676f76", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:adc7bd67-3e04-572d-b031-2b80fab408ca", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25b26c9b-db5d-5a66-aff4-f6205178f0dc", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19a9645d-f952-5a30-aa9b-3683b80ca43c", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3e2b8aa-c2f0-53c3-b668-7a56776af698", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e80e13cd-804c-5e32-b6b4-281344076044", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42bb92fa-657e-5541-b0f2-c315f60a3cd9", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca6bf004-2bbd-5984-9225-265f6bf604d2", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ded54186-b16a-541e-9f8d-5a72e73163ae", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9202679-428c-5481-ab0e-33c8047f0189", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3a4a85c-3a45-5575-a48f-1687990c2e2d", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7629f08b-5a1f-5cf0-8322-5defc9044696", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5cd016b-d2ad-56f7-933f-0c3bdb9f9ff3", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:987cc388-1bf3-59e1-8840-6e1521532a7c", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31446b31-de97-5ad1-b0cf-da3ea3881ba5", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:313ff076-31b6-508f-b22a-c186b0a708ab", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c753ef09-bced-5e9c-bdcd-e078eeeffbff", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.2" } ] }