{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a07683cd-a241-5a5f-b660-9a5c3110d456", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util-scan", "version": "9.0.87-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:719cf643-821a-51d8-9748-5a7b16b5d351", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d66966d-0aeb-5631-b461-91027442b52e", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:55145931-70ac-5903-833c-ca02f5f2625d", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f3686cd7-270a-5a58-88ca-4ea8b8bd20b5", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:68bd4d47-1baf-566c-889c-b22429d10267", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:54cdcf04-9b6b-538a-af31-a538d9fa433f", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cdcbfe77-45d6-5079-a7a7-61aafa07fb6e", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a5577b5f-663f-5fd3-8dab-00d781778849", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e5dc6d1a-d38b-516c-801c-823f19a64271", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2821bddc-752a-5699-91db-6720c7cf5ae7", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b9b23b22-b791-58b7-b5af-e5c45a3ccf41", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cfd11495-2b63-516e-8d72-5fc296da9e8b", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:293a8fa0-f695-5208-9d98-0c30173fa589", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bfb6c03e-b95e-5e20-a1e1-6cd0898693c7", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2aac8bf8-3871-5c37-b210-6086b9497315", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d83df7c5-454f-50ca-bbb9-6b217ae46c82", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d46eda5-60cb-5c2a-962d-d6d06bddc1dc", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7170f661-7974-5246-b3c1-c5807f57ce07", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b4b0537c-4f59-5510-85b6-1aff5b398d99", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0eade45f-4bb1-5aef-9d3f-dd08b7965b15", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:19e02af7-6678-5b2f-a9a5-1019511a03f4", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:30460e1a-1712-5094-834a-c6834fa2bbfd", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:89515cb7-52df-52a3-b000-bce3dde4c96a", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fc5d5991-aed0-5f60-af60-f98856f6b086", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:580a47fd-fb2c-56dd-81c9-2f2de4d3eb1a", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9979424c-2d6f-5fa7-baca-842e9d4d5930", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0157081d-d83c-55e9-93d2-1cd4be391393", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d4a8eba6-6f03-530e-9dbe-c64c4d6a649d", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cf3834f2-1db6-52ad-8ff4-827465fb1afa", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:170739d3-172f-5f1b-a2d2-11554b36450a", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:620a73ea-60de-51bb-8aac-bdaeca1eda07", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c9edb5c9-d247-5b51-ae8e-7d8b99a57f37", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:614bd3da-55ac-5451-9434-7ff6a2d2e643", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:72215f42-dc5a-53ee-9dea-16799cded030", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5b329c35-abf4-5be0-8d8c-5fe41ba0b18e", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:73e6e069-8d65-5bf9-9c94-a5a9264b701a", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3da935fe-b564-5816-bf7d-05b1bd2a66d4", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e16c4a02-0200-5ed1-a31b-b93dc7b1c829", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ff807a53-3fed-5dac-aa2c-67a013c88d59", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e330edc4-00dc-5b61-8f0d-88b426f0c142", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f006a569-5a51-5557-b5d4-13352bdae7de", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.5" } ] }