{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:97c1f1cb-5c16-507c-9187-ace29da1a01b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina", "version": "10.1.18-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fcb22e3c-7430-533e-8291-42490ee4c214", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:731b877e-3780-5a76-ac61-e97c37d2dbb5", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:69da7800-ce6d-5b31-b93c-1ea8e29e2b00", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42f68e8d-a339-509c-825f-7634e9fbc530", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a8f93991-5b1e-5294-8b5b-292fd804e266", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e004b12-3a14-52fd-ab2e-e25bb0d80a59", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8536781f-8157-5cea-9e4e-e30f0e76bcb6", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6896e265-f20b-5054-8c0b-3f97c60314f6", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8c9adb3e-3bc1-5b7c-893c-a4179351e081", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4acabde0-2a6b-510e-a203-1b6fd3d9692b", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ad2421d-9083-5be7-b68c-e296a3a5de42", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7c9a0300-4b72-5187-a191-b603c20f1fe1", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:190b4949-1512-5ebc-b4d8-ebd2146f527c", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25e6b859-12e1-5498-bac8-0eeffde2daf7", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b2cc3863-ad55-5df1-ad80-22035f3fca19", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd2d9e48-c5b3-5408-982c-8d3b7e92e65e", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8664894-7339-5ee9-a4ba-a44a11a3f009", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5799c056-82a8-55a5-a170-14ab2cbaedd8", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0f36c9d5-7df8-5aea-b730-cf060ae38a44", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b344e74-2714-5ffc-a4d5-dd0f9b054bfb", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:791a0333-206d-50f5-865e-a6f2109ad1e0", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6e30b373-82f0-5c79-882d-06087154eb98", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b2255f7-4739-51e3-b4ee-458c6bc2a03e", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88b8d1c0-10f0-5e36-8125-fe2d728f0681", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a4d3bdee-edf9-5e1f-af5e-fa40cdd3dd1c", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c2f7e459-1f06-590c-9a3c-0b7d0c3459df", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac5bf930-f2ee-5678-9051-7b158f72d7ef", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:250c9ab3-ce7b-56c3-ab1b-65199a86ec27", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dba6d25c-9a6e-5c5b-a833-fe3335ccef12", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ddcd2f0a-9c32-51e3-8a1d-3ccfce85dab3", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77d25b61-2af4-5db1-860c-1beb15a873a8", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1278fe31-103c-594d-949e-36f5b99d1fa4", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.3" } ] }