{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a1c66ad6-49b6-597a-9729-57e2fbb5fe39", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-api", "version": "10.1.18-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:55f6a84c-f0e0-56aa-9a47-fff3f44116c9", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb7a7532-40b6-5755-a774-314a7850554a", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34280b16-8908-5d84-b36d-48579fbd6b40", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b4633a4-151f-5280-8e07-f4f830348dbc", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0499b423-03d1-5ada-b614-766eda014252", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3744ca9c-7d20-58d6-93b4-7603964f2ad1", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:70f254b1-26f5-5099-b455-092d41e98c0f", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a2ec7dbc-3d5a-5f18-bbe0-494904b7b3dc", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2959207d-4b28-5211-91da-a759f985b82a", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d5d0263e-f7cb-5c94-8b02-93a3c21bcbfb", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09e03607-cf96-5ae2-a24d-346aab450dd3", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd8b7599-18d3-59e6-bf0a-0954b80a7776", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31123f3b-50c3-5d72-9f7f-bcd234c75828", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b36aa4d5-4192-5089-930f-3ea39e3b30e7", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4e9abe53-7f44-5ea2-b597-46c4c4359ab3", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e68b3ab6-dd0d-5748-b51d-e6ab5774921d", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:054622f5-21f9-580f-9254-4405c10145ca", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb8a1960-f141-5951-aa20-d17d9d40cc65", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d3ccfca3-d96d-5537-999f-07df0d7d52da", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:45ba6e6f-4777-5dae-a4b0-c39511ac0c48", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc0321f9-d8f7-56b0-907a-dd7577e8da5f", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:962736bd-0c97-53c8-a382-3e3ce22cd494", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f849b24f-e33d-5e1e-a32c-f274cdec3291", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1cc63676-4a88-5e3a-ad0a-b3089b593bb0", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea4cffb5-cff4-50d8-a829-e1dbe0dcb886", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5d3b718-0339-585e-a010-e1a9ce9248e5", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fc136ebf-25c0-528b-9dfc-2ebb366e8af5", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a56ca8cb-7bdb-53f8-ad70-ab7f657915e0", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6e7942aa-1594-57e3-959f-3a6ec16cc1fd", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:213ea406-af65-566e-a345-e136d0a79661", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:59228e1e-6951-50cc-a6da-7c89450fc614", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b951372e-7327-5a11-a187-0f1dc5aa2530", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.3" } ] }