{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cc8d0246-f304-5ce6-98e8-c742d3448104", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util", "version": "9.0.100-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e659c0f3-e771-5896-9161-60e3acf1e6a1", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc52918e-eefe-5594-a7ea-34c4b72cf05e", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75979495-01c8-50a4-a460-4da51d11fdd8", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:161e58e8-209d-5256-9594-607d7df9ef11", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86fd2695-5a0b-5449-b40d-6402087dad11", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac41c860-5827-506b-8344-7fa226241452", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b9a1600-0e33-569e-ae65-93ff72030454", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37babe14-3aa8-5e4a-9d81-da579a593053", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84c6687c-2ab9-59af-8d5f-6d0146a432d8", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3033dca-82d6-5d39-960a-ade273d75886", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8724e8d-5b79-5bdd-95ef-76f78ba8e2f1", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f768ff5-06f7-50b4-8675-325dd7b42a2c", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0a28f5b-8d97-5bec-b27e-1d56bc4312cd", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:946582fa-4e1c-5882-9290-c46a508194de", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ddd3aea-ea8b-5571-961d-985b918e249a", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96cb641d-9886-5478-90b6-5b62a2a937e6", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a85c822a-8059-55fd-99b5-544c93367fe3", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4484cbc1-a008-5c80-ac70-b58885eab176", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99f2bdd2-55ad-58df-b46e-481fc5d9cd47", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2d5efe1-b57c-541d-8019-7decc5187333", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe832d65-e1d1-5e71-b02e-930e98a7d243", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4714e331-ff80-5896-a5ac-fd1705597dea", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7fd71c13-2473-5a4a-b55e-43a1b7eaeaa8", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44d7170c-4d44-5b25-bfac-0a44979fdc8a", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3a1f373-22e9-53da-82bd-59717bba7f88", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3818e92-de3d-5d29-8d4c-b4dcd43c7bb7", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d0cee7f-1b16-5bc1-9d80-bb1b4f3e7536", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58f6391a-e94d-5c55-a23a-60057bd6ca7e", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f51feddb-3ed4-5cf2-9c81-85118248ee89", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f625eb4b-572b-5b16-bcc7-1c8ffc0e8b2d", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a773c0eb-f691-535f-82e8-42138c62a5dd", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7575648f-3747-5837-ae34-09a4fdd44c6f", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:07612ac8-9b66-5f08-99a0-137cecc92b37", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2175858-def8-5f61-ac25-cf4ddb565dd9", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72384686-0ddd-5a35-a813-a4d8b619349c", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e550613-28f8-5ec9-9a63-83a7ab539ba4", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.1" } ] }