{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3b94a9bd-4231-50c8-9865-236d57c066ab", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util-scan", "version": "9.0.87-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f18ff28a-502c-591b-ad0b-7c360210a61d", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:97fb3c19-eb6e-50a8-8f67-b6c67f3af5a0", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2d3fb2df-391d-5f31-8b63-aa55e51235f5", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b3620e56-78df-537e-8063-7c7dd17af5c2", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ec957992-458b-553a-996b-c1ac85d81f26", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e17fe1fd-8694-5499-b15b-9843a663190a", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:95bca206-f7ab-5cc5-924f-5b1a617bcfba", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:31e38d5d-90a4-548e-a492-d992ced68af7", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8de447f5-4ec8-5215-8dfd-7330683db043", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2e170454-dae7-56fc-a0fd-ab62928335ab", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1e19b098-d884-5b3c-92d0-feda932787f0", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:578ef3fe-0971-54ac-9bae-623d0c0f0241", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:180c65d1-1e7f-5adc-9ad7-abf73dff993f", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a0cae08d-4714-551f-af5d-7e7c06db4eec", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d6120867-f627-5ecd-8877-f16900d48808", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:95c20c8d-8a7b-5953-b176-c5e7f535a96d", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7d95377b-5a8b-58ab-a8b0-91cccd69fb6f", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:560a01c3-f2b4-5de1-ae47-44b4f002c417", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:23dcb873-01ba-57eb-9cbc-4f3d231e35c7", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:10e47931-511e-51e5-92f7-3dc1a2c55741", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4be169f3-92cb-51e5-a065-dcd74d94a53f", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6c0ad6e7-7983-5cf5-8c97-7ab88312a254", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3f6653b4-8432-5af0-bbd2-f832431a8e4a", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:481576c2-a6b9-52c0-83ed-ee9f6407706c", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cc517657-610f-51d5-8c06-a2d2baa96b37", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:67451da4-e0ac-549f-ab55-cefef7396037", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e3900e29-878e-5f28-a0c6-980f2c62c668", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8bd54d84-9e33-58b9-93ff-d91a6f21a232", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c5810f62-575c-5e58-a2e8-09d9f4bcafb8", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:466cf22e-0d1d-5c31-ac8d-e1154f996038", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:af1a63ea-3b58-5b53-81f0-b9cdf1aced5a", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d2745727-fe2e-5945-afb4-0dcd63067cdd", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3b3bf0f7-decb-5e72-ac81-03d7479bdf3b", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8e3a61c1-3dab-5df7-93a8-446e5e5b1dcc", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5ff3c661-e119-5805-bd69-668d150e95ea", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ed8ea226-d37c-5f11-9deb-4b2195ddd413", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0ffc6a6b-52bd-5db4-a8a6-b322c40563e7", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:628c7f96-4c89-5e10-b06e-03f510ac4e6d", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:07295796-d09d-5e16-bb1a-d6c95e4a90d9", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:83f6b33c-f8ac-5edd-a6bf-708f49eb5842", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fa100ba9-3064-59f0-8c7e-c9c76f3201bc", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0e74cf41-9632-5452-8844-41ecf0cccdc9", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@9.0.87-tuxcare.6" } ] }