{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:28867496-e704-5d42-a1d7-c364ade31f31", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util", "version": "9.0.100-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ef39968f-d644-5833-aef6-64d71a329196", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95c2315d-60e3-56b1-8b94-1e79ce9eed81", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46acfdf1-b0e0-5ec2-be17-7a69e47e9db5", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbc39492-dae8-58c1-a747-df83f88bdb03", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ace9dc7-8171-5575-b608-1c0ff521edfe", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a74f9cca-0be7-5dd9-958b-6670a6d07955", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:838329ef-56af-5fcf-9879-38f93f46c135", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:464286ff-9c0d-513d-b37d-4d25bf52ba1e", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3605906-b0c7-537c-83f9-15eeb2353ac5", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e13b11e-6592-5555-820c-836d9b424158", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88a216d9-a5f2-56f9-919f-09e6a293434b", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa023820-6e72-5c97-991f-272e6bd5bbad", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa628013-28b7-5ca3-8481-8fca986f2eb4", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6cd7d1c5-7033-5227-9193-21e2cb3020f9", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00903899-51c8-58dd-b4c4-36b25006b06c", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28a5cc4d-f690-5fcc-93be-3969779f31a3", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aba21497-7262-5d64-9297-c9a456c25311", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23f591b9-c787-5041-a7e8-1e6335c80daf", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0482312-6f7e-5f09-be9c-6954af185251", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce2a0fa5-36e2-5875-8c15-7cbd74cfbcd4", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3fec7014-3eeb-5b36-bed4-d492ff501dd5", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:474962f7-672e-5eac-ae73-509943b69252", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f7e8af3-2658-5431-b661-e447b16ea435", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:229bb801-751e-5e2f-b6a7-ffed318aeba2", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c10aa5c6-8bcd-5d3b-9fc4-39c4f575603e", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f00a818-943f-56c9-96ec-c79351093c82", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a019397f-320e-5a6c-a179-928c6eb6419f", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:247195e7-49bb-58b6-83d0-463f4cdc9ff1", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51bd46e1-637f-517a-aa31-a4eb0cf6ab19", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00044a10-d787-567f-bcd0-eaed4880e1d6", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c11fd7fa-72d3-5bf0-a7a9-1882e97794f4", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d894c6e6-df19-5e9c-88e5-cc99bcd040ec", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:81c57043-6605-542a-b340-7ef7f470f562", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a32526a-365a-501f-bb2d-fe3847214329", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bdd48d0a-08fa-580f-a75c-84bfdef4cdd4", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf3cded9-867e-50f6-b89c-6cf1fe6b49f7", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.100-tuxcare.2" } ] }