{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:854ea5ac-3040-50b4-9fc9-f0e5f857af3e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-el-api", "version": "10.1.18-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b2cef037-edd4-571e-a090-2517e148009a", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc4beb2c-ca9c-5cae-b9de-c7327c4c81da", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:daf21d64-a253-54d8-9bb9-fb2dc42f7264", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b018a88-acf0-59aa-a197-8dd55c7e7a31", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e69d5fad-1007-580b-b2bc-9ce706c9a5f6", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6ef1570-ad16-5a3d-a82e-e589a1320173", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a22d832-d260-5cfd-81fb-8967e8532d84", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1afec5ba-639f-5399-8489-f0ba40cfde95", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ddc4f3c-188b-5305-99cd-46105e324a95", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9dfd45e-b168-5cde-8757-d83168e46354", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:467b9da2-bf06-5cd8-8f51-f39e34349de2", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4b0de67-1853-56be-a4f8-11399394e197", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92bbcb32-eed3-5fe4-a80d-fa3df05d7b6d", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f3c0598-acea-50bc-986f-498ab26ef714", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e567d19b-a45c-560f-aeb9-9bbe74a3ee49", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab2638d9-7931-58f3-bc9c-a2edbf2638aa", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da8a77b2-6d8b-5d45-9b54-13cb27ad76b6", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e5d5a19-9013-58f6-8b79-af6140a70a7a", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37dd8d5c-b31d-51a3-a8bc-c664b5a7a89d", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75b8b785-014e-52ea-a036-6f25e511e742", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d15046e8-074c-5638-af51-8e759f2e93fd", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21dee933-4682-52d0-a397-1cdba31e687d", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a52fec64-37e5-560b-9657-7e68989426ab", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fdc6dd5c-a8f2-51b9-90ab-597a6514d43f", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc13154f-3a61-5b86-9667-0d11cc316cda", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26162a37-9e6a-56c3-ae77-2f54dab93c38", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:493b6a94-cd18-5cbb-bd3c-43c75e0d2570", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e564fe2b-b5a8-5d00-962b-b074816bb7a8", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e75f3d7f-d96e-52cc-9295-ed2b4a445656", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:043cb60a-cdec-5d4c-9d2d-090ffd4bf050", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e6a2cc1-07e6-5cb4-89ff-cc3831c49844", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c369d99-69ee-5562-8139-b93360e4ad58", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-el-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-el-api@10.1.18-tuxcare.2" } ] }