{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eebdcf81-4227-58c3-9a97-a5270fa093d3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jaspic-api", "version": "10.1.18-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:616c2f48-b98f-509d-8b29-29a5c7ba678c", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8ff4ce2-9e06-5693-8fcc-31f7ecc5994f", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:220f10e1-9692-5174-a2f1-ae0d98c88873", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e466040-545a-58c9-83ad-ff54c4b64d5f", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e15028a-4279-5b0f-bc30-824a0943ddc0", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b84ed6b3-e045-503e-bbd2-637504d02374", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9faf5517-99c7-5769-b68c-3f1175d69a54", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63c6cb40-4dac-52d3-aa78-df32a787cd44", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a84d8931-7eff-51b8-8745-51d0350f2f63", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7133358-86d8-509d-9e09-b24a3dd2ebb4", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f5b0ae25-cb77-570f-8fcb-81c4ddad88dc", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d33ec1d9-95b4-529b-aa66-ecdadc668e67", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c19b39ac-0fde-5d98-8606-85d7eb6f4d24", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb7e891d-de30-599e-8a85-4a4a94a76803", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3fd4bbf1-211e-5d2f-a4f6-f89cbab82d9b", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7ccbd99-3943-54f3-b40c-8e51f29209c0", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3c4d947-5cda-57f4-ade8-d9e9eb2547cc", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85f29cc0-f01c-50d7-a29a-da401760dc33", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ae0ec91-2496-5c36-89ef-ebc0c13845c9", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93bd9c52-e8b1-5304-adbf-d6e1bf075971", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1978ce5-0fcd-54c2-873b-3fb71e0697fa", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e28bf272-da0f-5c9f-9a9f-dbe11ade14c7", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:572eb20a-aad1-5dad-9eff-d13d343496d3", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e460deb-859c-53c4-9137-132660440147", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a0885db-39d7-57bb-9fde-980cd58c9d2b", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe32c59c-bea1-5f38-94df-ffac939e77ec", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b9be179-b644-5d1b-b64e-b1c597939f05", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7380eaf-cd60-5fac-9d99-5fd99aa3eeba", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e460b79b-8462-5fd9-87a9-ba7aa281bc39", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8c28fdf-f0e6-576c-a94b-cb244b11b4a0", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b1e5854-08a2-5870-94fd-f18268c0dee3", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ef731e8-9de5-5e09-953e-b5a623d53bc2", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.2" } ] }