{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3fddc32e-a69b-5cb9-988f-e693234d8eb0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util", "version": "9.0.46-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e6d4644e-666e-51cf-bb8d-5cdb751b7ad4", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:641f431b-7170-50e8-8c72-3f1eba954441", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7fa1c044-72b8-5197-a3b7-2a26ae16e713", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:479e1a65-7132-507f-9fe8-e7f417deaa19", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:705b73f5-2dae-5acb-a646-bc2ba796f828", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8ecb51b0-f95e-52b2-8a83-3f57b1312e93", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4907d248-68c1-537b-8981-a58a657b2a19", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:523535e2-cb8d-5975-bb26-c1374e7893dd", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c51eb41e-9558-5990-9f5d-decdf822ecef", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:583111ea-628e-5706-b068-c7d5981f9290", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1ef267ea-b759-5b10-b283-741e6ab0198e", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0fd65559-c8e8-5243-9ce2-8c8f3192759a", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:37c645b1-ba5b-5922-b134-88b11ffc9367", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:02b836ec-7087-5f31-9ebf-52e51b37bee9", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6e4af0d1-5464-52ec-910f-bf1cc0eb90cb", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8942e6b9-909d-5a9a-9b78-65c32488e3a6", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6dc603a7-beb7-57b0-90ed-44f5587527ac", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5d76329b-6da9-53f6-9a3c-ffd1392e353c", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2ae37478-c9ca-51c0-8b2c-d164d6645b91", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:21d11188-f667-59aa-8f30-0799480fbd16", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cfec763a-91de-524a-a890-55f61051e5b8", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e61e0075-4b44-5cad-ab50-83dbbe8d422d", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:62a90307-6a3b-539a-b960-b6157019b0c8", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ef0bc656-29a8-517a-b46e-ed74f677836f", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ef339179-63d2-5e1c-bcbf-5736e9406bb5", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5561598c-bd65-5049-a5c5-cb4368f091ed", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:55fc64ab-a74c-5487-a72c-39dad5d67bcf", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:674ce967-af47-5113-8535-b5379c1a31bf", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6a5e6365-b35a-5e1c-b013-c4b09248e75d", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2df115bf-9fe5-55d2-925e-818431d4f2d2", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:49bc9b98-9edc-50f6-8170-89bb62bacade", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:87fef3cb-1107-5c9e-a957-8a6a1bc335a0", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f2ecd976-cae4-5c18-aa19-2b981e18be33", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4abd8084-5881-5bff-8b7d-520b6b5f5030", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e4dd811d-ee43-572c-b0ce-503e26cc4609", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b8aa91a8-92d0-59bb-99d9-673291316909", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cb0a61ab-1a90-5bf7-8f6c-70461f859a9b", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:426cf71e-dc37-5423-8ecf-775aeff9a01f", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:54a7edc5-fbee-583c-9936-1317759fd2a9", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3ca1ab55-a1ac-5ec7-bfd2-b88794374889", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ef41a6fa-7aa6-5352-b03c-56a9f4d2ed7b", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:997188b7-3e68-54a7-8415-ecc1d2c65520", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8afeaca7-b218-5df7-afb7-26f7bf5c6ade", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9669e634-aaa1-5271-b260-dc5ec0dc87c5", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7f2c8ddc-7fd5-5843-bf68-b53222bfebb0", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b8bc2002-6682-505c-b522-7ba0c55f3516", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1ba4c9c2-83a4-5fb7-a91f-430a3f7884a3", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bcb928b5-ae66-5bf8-98a0-416cda3e63a3", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d54c3de0-c226-5e78-ad9d-111fb74b2a99", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f7fc1513-991f-5fa3-b6a9-4310bcad179e", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b04782e7-32f2-5c9f-b92b-4ca26da0592c", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@9.0.46-tuxcare.5" } ] }