{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:76af9300-3def-55a4-b1df-8c03780df19f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util", "version": "9.0.50-tuxcare.9", "purl": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3ac671b2-255a-57af-b80e-3dc9e304dba9", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:c7570d07-ddf6-582f-9547-696ac16c5a27", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:22ec431a-af81-5b02-9e80-70053f2533cd", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:565eeeb9-0f77-5392-91d7-fdd3ca487d78", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:b146a697-e3be-573f-a787-75a756e2f45a", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:d10dd51f-56d1-5b15-ab4b-cabf4b4a4075", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:cfa94d9f-05d3-50d9-9eea-8ffd30d8e6a6", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:c8db4d9a-e724-59f1-84a0-d4dd9d8b961c", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:f2d18a41-3032-5b10-98fe-ac725a0a37be", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:60af3cbb-f807-541d-89a9-f65bafb2d450", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:93cf06b5-795b-5df0-bfe9-d32fcfb52964", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:dfa0c003-0c48-5e50-95ab-86629b8729e7", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:2fe133a4-0d65-5c36-bac5-2d4db9116b0e", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:02e615ab-772f-5aff-8da3-d0104670072b", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:ed607cb2-14d7-5971-aedb-908fdab3091b", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:d6bb9b8f-3f08-5f0e-abd5-afbd4b55a390", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:8d9b796f-6793-503f-8015-d271e1a3a0c6", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:fcf2b909-d293-5e09-883f-a621f5a4cba7", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:c0bf9c31-3dbe-58db-885c-e3ed3c10f4a3", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:3b2c7b3a-f230-5894-9de2-055be259eea3", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:cc69981b-3800-5298-b9ef-30e3374b87a0", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:0c3c5daf-9495-5ef0-a6e2-bbe7511195e7", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:9c2667f1-b64f-5d29-8127-844fca89fe6b", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:93c27ecf-505b-5c73-83c4-13492f5f9964", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:4befda89-f699-50d3-902f-55a8f811ed85", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:a5f92616-739a-5a4d-943b-523d3eccccfd", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:6259499a-0f6e-50b0-bae2-490caeb47abc", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:4fb68808-1d28-54d3-aa22-ee1e67f48e4f", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:43872120-167c-5f1e-a4d4-91ff64e8f5d1", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:5c20f5de-4473-5efd-af11-7fa812c8185c", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:08df6e53-b41b-5ed9-b9fc-5f96866c88ba", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:13c4314e-9a83-56cc-89ed-53f16a244296", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:54dcb307-f7de-5bfc-a2b0-80bada0d7259", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:8562a693-d69a-5a7b-991c-59a7c474dc5c", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:6edc1a87-f814-5aea-bed7-07886988b880", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:882db269-2c69-520c-8d85-397a4ca2ecfe", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:6ddf1379-03bb-5ec9-b562-1871fa947a71", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:20932519-ece5-5961-afbf-10fdf4a4fd4c", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:b296ad47-9d9a-55f9-b7df-375bb7c97ef0", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:5ed705d3-250f-5094-99d4-27abe3212943", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:748cb4ec-0b69-5dd1-bb7c-6e29cf9337a9", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:60fa0d17-9865-5f68-85af-c29dd52cf660", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:8b1d39d0-c475-5614-8623-430d2dc1252a", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:ed6392be-6933-509d-ba87-3bb2dce3019b", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:21ee5c74-fca4-57c3-82f7-bfcbc2f613d3", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:a23447ea-36a9-5e6b-a6d4-5b4761856923", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:40c47415-103a-54dc-9557-2f71f327fab9", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:cd9bc128-77ed-570f-bb63-4267b81d32b2", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:fee285e8-7f3b-58d9-82ea-4f7c92b629ef", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:e428bc55-b4ac-5286-80d2-f59fac24bb0a", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:149b52e2-6f8c-5010-b61c-37a55a6f6c9f", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.50-tuxcare.9" } ] }