{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:869af11b-4008-5bc8-80d1-57f913414692", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-el", "version": "10.1.18-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9a96daf6-afd5-5549-91dc-9e6c3d3afd1e", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f578745-b624-58cf-8d25-15891d0addea", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e963aa8-f8aa-5735-b689-41aa3cc7329d", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:527f9216-280d-51db-8078-03e7081a8136", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5c5fdb9-d933-5131-90fa-2c2b00b58b05", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:935d29c8-540f-5624-89b9-643a562f8df5", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0f61b087-0789-58ea-a4f1-c1b7ab124d1c", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fafaa1b9-52e2-5e65-b72f-6e58318d413d", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ab22fa86-0bc3-5ba3-8867-0a4b41aaf635", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be6024d9-4565-59ae-8645-06a44885c730", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5d9a3f34-ee13-5060-837d-bc6ec2dc0383", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11c6d928-53ad-549d-97df-71670a7d0092", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4351ea2c-1aef-50ed-a61a-6ca9b732adb8", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:edd9f978-6a13-5850-a46d-f80b3052daa5", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1be1fe72-fd87-521f-9049-dfa28775b11f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b43f787f-f7a5-5a99-955a-2baae379871d", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:790e8ba8-7a6a-5cee-a769-5c5d30147c2a", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88cb6cc4-b816-5ea4-ae91-2b9dd6672559", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:39d59be4-6ce5-551a-9b5e-d0dd5ccc55ae", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b2af3cd-15bb-532a-b893-fd22b1406932", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a27875c9-d3f7-5e01-8908-c41d2e5bee86", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9970299c-c1d6-5b8e-9408-bb3c323a8b4e", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ec633b5f-03b8-545c-9d31-ead4e172abe9", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb0820fd-52ff-584e-877b-e5569d144485", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7c65102d-7a02-5c46-abbf-ae74415c4db7", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:409b06cc-1a35-562d-a4d1-d393b2fdff2d", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aba111a2-67ea-5947-9598-71cbe4e5c91f", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:28c1b5db-e0bd-5b08-8d1c-ccb53101b7cb", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf02e87d-7d12-5f88-b516-9a681152fa2e", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8d98521a-44ce-5306-8301-bb091b8b27da", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ec1ce5a-9d0b-5a34-8f5a-5eebc5741cb8", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:354f9da2-568c-56d2-a717-c208f5bc5017", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.3 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.3" } ] }