{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9771de2f-0409-5b45-82b2-50fd6098799d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jaspic-api", "version": "10.1.18-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8de0927a-279b-5ab9-9c9e-1192f31f450b", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbcd340f-c1d4-5c82-b630-bd5e861d74c8", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61465d1a-42fc-57c4-87f4-88948b6290dc", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23765ae5-4336-5c95-81cb-dbc45f21bbce", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c13aca04-c5c3-5ec3-81a7-c9492e28287a", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33a5de91-bd44-5f40-be9e-82a9e8f34785", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1c05f31-3fc4-5b06-9348-796b9faa13ec", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e106a2e0-8c28-59de-8bac-495a3196512a", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9f42bb9-55f9-5999-855c-2fc52a8251ee", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94ccddea-79c9-5c14-838c-3b813f2edb4d", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4dd6e53-5763-5647-96f9-2fb2e46171b0", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92fbfea6-e178-533c-91af-520420484b90", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ddf91c7-5812-55c6-ac9f-b3579605fb55", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a5d82db-756d-5559-b70d-5ef0f759401d", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6b7704c-b33f-5314-8e84-66a8403b8321", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b45d2d7-68ed-5c93-8640-f69389a34d57", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ae17f34-afcc-51d6-8132-3764221975ae", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c57f0e5e-5b38-5c82-a4e2-13dae58181b8", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02ba1a55-1639-5677-971b-431fdfba0b41", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c08087c9-e397-52b7-9abb-be79443c4137", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6943b4e0-ffe1-5709-a139-f3dfc846a915", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e1880d6-65b2-5860-a4af-9d00ec6777b9", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8aa1395c-3f1d-5fc9-bb12-caa836b1a3a2", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c9ec5b5-9f54-5817-b9e7-5a8ba370e799", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67c22099-b64c-5a4b-95c3-e1b8a66bf080", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f0e38dc-6f61-5cdb-b952-0b644dcd3faf", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cef6c2f2-fef0-5b12-95f0-e5eaa1a4b790", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f48aef74-6d35-5f38-bc2b-aba72739a645", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41b64afa-ddaf-5d97-9c38-5725e0cd287e", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:379b4a84-33e8-5ff8-a382-482d455d33ef", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4886153-4dcd-5d87-9241-7b69847c2106", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:749881ed-2ac6-5c2f-b234-80e10e1e46f1", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.1" } ] }