{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b897d6bb-e551-5a89-a618-b82ee315101c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina", "version": "10.1.18-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:561ff333-6651-527b-8c9b-8cbe9f1bbee3", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43d0789d-fc9c-51fe-acee-8d0b19d933e3", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0ff4fdd-ad29-5f24-afeb-b2a333d17b15", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b38caa55-c3fd-596d-9111-86f6b89b52e6", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dfa78b7b-db1f-5b04-bb6c-4da508a11dc6", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61056651-b3b0-5ccb-9197-8785fb74c2eb", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2cb179eb-20b5-5de6-9205-5c3f4a107d23", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c977c26-1c92-581b-8c2c-4fbbd6698dbc", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0da9a3e5-6f1a-5cf5-9a2d-090b2317e381", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f10302dd-594f-573d-b405-4f9807369302", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74e53537-ee27-5c8a-b950-c3b873c56bca", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff9fe767-79d4-5d18-9da5-7cd50f6c4f15", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c18e7831-e98b-5ffb-b83c-a821c4605cb7", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a57489fe-77de-502f-a1af-efd4fe68b07a", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:093620fe-c136-5573-aeaa-66bc4e5802c5", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4988154d-751a-5810-8967-5752151015d9", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc49acb7-5c45-5749-ba8b-b74bbfa04733", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:301dfdbd-a364-566a-a49f-a8e8eaf864b5", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93df3fb0-080b-57c8-b377-7a7c4923827a", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b4f1e5a-e44e-500d-bd80-6c5347966766", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:405d243c-c40e-5d86-b245-6ce72efc3ba7", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ddd3e35-14f4-5c13-a0aa-082fe7b80f39", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:adf74391-d1c2-5fe0-bd6c-0bbfbe1c7820", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72b6d25c-31c3-50d6-a52a-d564bd83b4e9", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ecf42540-be41-5eba-af22-abe4eafec409", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d0936ce-177d-51eb-ba91-8a45164bc8ca", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ada5794-13bc-52f5-99fa-27116b323b85", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cba7464b-34b0-5e03-be74-2eefa025b852", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c47bceb-f45b-5844-9863-c8f62443e43f", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0a454f4-a4d1-500e-88b1-3e7de321dba8", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df9f78a0-6449-5e68-af7e-6d298195a35a", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5958f9a-25fa-5daa-ae48-7ab17df8636f", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.2" } ] }