{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0c98271a-ae26-5247-824d-d7e74325c016", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-servlet-api", "version": "10.1.18-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6058b6b6-64b3-5bdd-97dc-b13ebdf6f687", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad8c8b7f-d960-56a2-aadb-382f7c2a906d", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20ea147e-9c38-55e7-ad37-3d637f8f295c", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a85c4d9e-9d1f-5b98-a4a1-db52fe4eb2d8", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e9f617c-06e1-52f4-baaa-374e429d22f4", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84d99795-c942-5a24-a2e3-6f51f5027139", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b79d8ac-2493-5280-a4d7-81eb642b6e1d", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19d3e2d4-21ab-5220-930b-88f66493c91f", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d474a20-e247-5f4c-8a8e-17e6fddd0ca1", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee266f81-bc3c-5f53-8291-16bae6f9191b", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8ccea24-3d1a-56b3-bb59-e0112e38efe7", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c72caaa2-964d-53fc-b6bc-203c2c37d1f1", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04996335-d867-517b-bf42-027f71fc1ef3", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9658899c-4524-575c-af66-5b664b7bcfde", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29c38d8c-1360-540d-9f61-2e4b7d4c2e9e", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:135f6d47-1cc8-5eb4-ae1b-af4baaaa7423", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d71eb2f9-ad06-5b76-a263-906c54eb5d9c", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65a4c9be-268b-510f-89fa-c37c43145a46", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:606e2c1b-83d5-5a4b-8779-a4c13f1c88f2", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a856275b-9bc1-5320-b65b-256473caa5a8", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01403e98-8a2a-569b-84c5-5c7565b62c2b", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:851a91d6-811d-53b4-89e2-3136a8fc505a", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d26ee257-7e66-5734-b649-facdfd9f4ed2", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f312995-1665-55c1-8de4-f062e4318a16", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2167aff-0ade-5855-8bd3-e55120afc76f", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53dd3780-0311-5c59-a106-1c7e0b5e6744", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0401796c-896a-5c54-8db4-68340f0cb5b5", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ce90f1b-f19a-504d-81f9-f81b666ef093", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0744f580-9997-52e0-b400-9d3a25f2da55", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b815284-50f8-5b1e-a388-1ec22b090638", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42232a08-21c8-52fe-b75b-9faffd64faa3", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f2240e2-f9f7-5570-ab88-8860a850a43b", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.2" } ] }