{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a6892f2b-ab05-5661-a13d-d60a3e6c8380", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util-scan", "version": "9.0.100-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e604f98f-9f76-55a4-9d06-d3d4b5bd657f", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:45fd5f8c-4263-5b24-9a9d-5a20e6afea83", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0284be7d-1601-588a-8ae3-922ae9d10d4a", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5dcebc10-5b69-5a9f-ac48-133b98c64eb1", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2ab7eada-938a-5191-bd08-b47ad5b04c77", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ef5f4c38-bdc0-552d-81d8-0266e006e0ad", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:244c1a48-4da8-5304-8355-9cc4b4699623", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:04deff3c-608c-5e6d-aa6d-514da1b75ab8", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fc9362f4-8c3d-5089-ba6a-d0478bffb7bf", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:abb399dd-32ed-5da1-87dc-ab36ebdc13a4", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8474f950-47cc-58bc-b5e0-1aca8e0e28c6", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ae64a5fc-e603-54b7-a961-e079b2ae64f7", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:83ed7cb8-eeca-55a3-85c9-16e3f32a7365", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:17346ff6-63be-5b97-94b9-6512ac66e146", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:43495d63-48a2-52f1-af23-ccdff27e6fef", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c23c6cc6-3bba-5a5c-a542-5fe7f13c945f", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:964c8dc9-41dc-5018-9f42-2001e8d3ed2c", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e9a54fd2-91ab-55be-acc3-9f322e7a6e38", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:aa78ad79-268e-5547-ac9a-acd3538e4e11", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b740f5ec-4120-5794-8820-d4f3fb65436d", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f08500fd-78d7-5acd-be0d-10df58bb40ae", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:501608e3-8970-56c2-9ff3-f3707c51f766", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4e543433-e75d-5246-b10b-d5d7a5026dd7", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:be55e7b5-070e-59f0-958f-625374bf7b91", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b65e62dc-a983-5d5f-ab0f-18c92da2f9c2", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ff9fb427-314c-55ca-9f2c-c7f67304f815", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:aca26558-f82b-54a9-9728-7b78da5683f7", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4e4e0720-2236-562e-a832-c213f70b62c4", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3c2c19fb-5505-5e85-9bc4-54331d46b4e9", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:caa6ff85-df60-542b-8396-fbbaeb33348f", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7f375750-8bbb-5f28-b9f1-21bcdb51b299", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:53e32973-4f9e-5970-9f28-322955ab1c1d", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6c6421cd-a899-54ae-924f-e094ad87e32c", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a2ef2835-d7fb-58d7-ab8d-817e61363efb", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3dcbb0a6-40a4-5cb6-a45e-8a79a48d930e", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:487accdc-12e8-5dd4-b918-580fcbb4e440", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:102d7cae-d234-5e6e-b6cb-e9d845a43638", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.100-tuxcare.6" } ] }