{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:70d21325-bd04-5813-85bd-8950d5ab60de", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina-ha", "version": "10.1.18-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d761be8d-e8d1-57ff-b589-97b1004e3d72", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23b5bd12-fba0-546a-aee4-a4dcaabac5c7", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1cda0b72-2c8b-517d-8da3-0b4e00a2b9da", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ef1878e-8b5c-5d74-abdb-730d4ee769ed", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e2338ef-bbee-55cb-b746-24229f51336a", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aace6877-5deb-56ff-a9d3-51045a212609", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:813cbb14-2468-5dfb-8544-1bbe11301bcf", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84001534-d5b9-5c27-8623-a3ce247da611", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f644a36-3935-5e1f-95d4-0df79fa9b7db", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84a5dbff-dcab-598a-acfb-c2fe3b2851f4", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e7b6a0a-26a6-52e1-a4a8-a6ea03b7b96d", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15cbd812-f65f-563b-b228-9d3c4dafc247", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2773c2a-6bb3-5551-ae2b-755d4f8804c3", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:378b46ff-1986-5414-8b78-9ec53721daf7", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5e795e5-0411-576a-ab40-229f2c9aeab1", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca1a0a85-9611-51fd-9315-84bdef04485d", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18ede0da-349e-5c2f-a51f-a6a3d8b8774d", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e005652b-2eea-5507-bd60-6d05351296d5", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:075ec30c-6981-5d85-bec3-b8ff2f9a3985", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a8d336f-b152-54d0-ae21-79c514c32695", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb8840db-7fd5-55dc-b7df-b8af755fe23f", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cad1b04f-408b-5678-adb4-d3e2fee86255", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eaf18b8c-aab4-5058-b490-f57f68b80282", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da1a5e4c-0e13-50eb-a2c3-92345799a9be", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:495cdcc4-25a0-52db-ae54-e892a137fd76", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce4fa8b5-8796-5edf-8da1-985dcc68dc30", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dbb7b2d7-dfc4-54e2-ac89-9b30265c8326", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9524dcd-7cd8-5067-a04a-0fefd099dad4", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8328e7e4-31c0-5d31-8748-82bb6c992edd", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:112e3cad-f713-5322-a252-ec36c221de11", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9916225-0d6f-56af-9d93-639c80e85384", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10228d91-9426-5b65-89fd-7b79f547172f", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.2" } ] }