{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5c87532c-028e-5a55-a204-be94b442e56f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-api", "version": "10.1.18-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c533d4b4-dc6c-5460-a867-81cee023bf9a", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f7c13de-2a88-5e06-97b8-df67cc20b671", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fcb8e5b1-4f51-54cb-aad7-06515ec35f2b", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee189329-e47d-525e-816b-5e5931202dc8", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b84515e1-234f-55cf-adf2-8acb337b3cc2", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3f36d95-d1b2-51e1-a710-8de7059ad761", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c1855cc-6172-54ce-adf8-756179f4f58f", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b70098e9-d139-57b7-a5d4-b9e89e5a0152", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4dc9d203-71c6-507d-b25c-613bff889a01", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1958122d-4f53-5058-a56f-b1fab74cbc89", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e26cee1-2b7c-5ab4-9e55-f52fed981254", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d93da86-5703-594d-9d0f-a845bd9db8e3", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb51c9b1-3676-565e-90a5-d1dbc1470273", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a29f9bb-3e64-5f71-b0e1-1ace2a01818a", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf24e069-ba47-5d6b-9375-cf03d78f8e90", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5800c5a-7f0d-526f-81bf-40b9da744aa1", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07e2e5b5-211f-5056-871a-64e570d06ffa", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3776864d-44b5-5d68-8a41-9a0f046bdd25", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6315bf34-f721-571d-a656-1753bf1eac6c", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7e28c7a-13f7-5d59-a1c7-700a6445d4f1", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11aec6f8-3847-5b7c-914e-4fa785a90ef9", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:313fb927-5735-52ba-9475-dda60c037417", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea770376-0ead-57da-b39f-9bd8ec1aa2f0", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a799d87-feb9-5863-8db5-84056f388a07", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec9cee78-6bfb-5812-af4d-69e76dcfcbab", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:630a45ba-22c4-505b-b3e8-46c6df279e85", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0bafa27-b860-55d7-9abf-0f6dfb1fc5b3", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e52d23f-172c-515e-849c-6f6a57841fbc", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32735cc6-f7a1-5663-85c0-bd3627f91fc5", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1555b6cf-9d26-5156-b75f-726847c22b37", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3442fc67-5af9-5e44-a774-72556b85cdd4", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4912745b-d282-5b3b-b5f8-020d22cb3736", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.2" } ] }