{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7f5a4ba4-94c9-5312-894a-6d285e6b26ec", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-api", "version": "10.1.18-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:75f125d3-2d44-5643-8aa1-ff41d443835d", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2772f35-58c3-5612-9f7d-bcfddb68cea3", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4340c748-c7df-5770-84d3-b60a9b3429e9", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88b3e3b6-0628-5249-ad32-4abbfd2dd44f", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75cad78d-fd39-5f7a-ae38-fe4c977a30bf", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96a2e32d-d3e9-553c-8570-d28fe951c7a8", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4cd7afc4-ce6f-50a2-8607-ba16f0aa86f4", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34be0fd3-580f-53fa-846d-8b8b1590e235", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a2ce3aa-77ad-5376-91c8-3f9edfbdb9fb", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:367dd534-9440-564d-895e-76f12dc6841a", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f04ed30-4fb0-5fb1-b0a5-a7cc2668b43b", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72281a96-93b9-5160-af82-603d37ff5c84", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df6cbb44-1929-588d-b1e7-ee16b8534544", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b571d2f9-406c-5ddb-82fa-d9e9cf3ff8d1", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5aea74c7-7be1-5095-b5a6-e9a76bb004da", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b67df15b-ab75-5715-a7c2-fb9991360a79", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:452da15b-c205-566f-b60a-fe9246249e46", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a57383e-438a-553e-826b-226dda71ad84", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35e13fa6-454a-545c-a7f2-d242e94a2b54", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a5adf41-3f8f-5e2d-9dee-20c8a110e59b", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd1d9710-ba66-5f7e-aff0-34e48fe77150", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5280eba4-924e-5fdc-a8df-622948a94b5a", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f49929ed-71da-5063-afd7-12fca32dd117", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee90d05f-e8c3-5456-add5-60e871ade686", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86c78ce8-1464-5317-8769-19d4765f4686", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cdeed02b-ca45-5ef5-b344-bf41bbc345cd", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1aee015-6dcf-5a5a-a316-52d09bfa0ae7", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9424656-4be9-5749-b68e-5c7e13c8f49a", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a14933b0-5826-55ca-8992-444e378b0268", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1a5e05a-3bcd-587c-a49f-5b5219303837", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b28c6171-ac05-5695-af0a-576a67f51b1c", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56a34ebc-e9e9-50a5-8515-1a6285a38a49", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.1" } ] }