{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:531fb59a-74d6-557b-b505-38be57748bd0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jaspic-api", "version": "10.1.18-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c1bb2aa9-5d15-52dc-b03f-350109bea03a", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:90793c56-e478-5526-bec9-4748d7141402", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d52bf721-fcd6-53d8-8577-92f385f63a1d", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:53d25bca-9b96-5153-b0fc-73d5f74c530e", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bac40b23-d5e7-5f3e-821a-b41513f38d30", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0d90e62-943b-5c7d-9143-bff243e85cae", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97089fa4-ba3f-560c-a1af-2312840c2fe9", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6679f865-9ae4-5f87-a85b-0a5f92c8ba57", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3957627-0949-5e14-aa99-3b2462986e38", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e957995e-d888-5336-9f8d-9489082d6995", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:90d340ed-2000-5cf2-a029-886e88371325", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d3961d4-0029-50a0-bfd6-9804a58c1521", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:84491281-9d98-5d05-85f1-4f850c7bb004", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e0874d8e-1f94-5285-ad2a-9942d43fc84e", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0f06ee21-a2e1-589a-adc7-97d89c5571b8", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c74ab4d9-1907-5b3f-bdc4-14e9c31878bc", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b1d95cec-c626-5c31-9972-e40f55ff3b2b", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:64083e32-6c77-5a0d-92ac-a66003360218", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cfc0d8d9-c887-5f65-ae82-b3b3af69ec70", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a4db3b1-036c-59d0-ae24-c51fab81f3ee", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7114ca8e-6f8d-5834-802d-025bdc5fd5ba", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:418bb3f2-5acc-5151-9f53-202034fd8d02", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81f901d6-b107-57f7-ae43-62934635c4f9", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f09b7e71-0e60-5d3b-8185-f733e8c5ce95", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:50ba9d06-854b-54ec-9bc8-d279c9bdc2f9", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4055e8a0-0ab2-50b5-9e80-920dd78fe3df", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef3e1ec7-afc6-5df3-9616-2127e87e6d9c", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f106b7f-c482-5bf8-92b6-7c51fd7ef592", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a8c0521b-6c93-56df-b483-4524650612a3", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c996d89c-a2c5-5393-8ae8-6ee6ed18e576", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3bd4799-3d1b-562d-8be5-2a58c883c0b5", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1864d451-9a99-5efb-88d6-d60ab5b3c87e", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-jaspic-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jaspic-api@10.1.18-tuxcare.3" } ] }