{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ba08eb39-e9ed-5a7c-b742-fb4aaa39c5b7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-servlet-api", "version": "10.1.18-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:58c362e1-12ba-51ef-8fed-2169ea5059c2", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:975330eb-7d6d-521c-b1a7-cc30795c3058", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6de8addc-1562-5e94-8caa-7d775d63b6a3", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:016aff7d-f60a-5434-8050-f838205f2120", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f501f4f9-ba16-5019-8d01-79b8e112a47d", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f831d54d-947a-512a-b1fd-474de289ae99", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:74f42a43-c4e2-56b5-a1ea-a2478c1ae668", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d340584c-6261-5065-9cb1-2b2569f94f1c", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6bd8554-bda1-5364-98e3-9aeec73f466d", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad107f9d-1406-590a-bdf4-12fa256a8740", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2a27bf7b-ee85-528f-92c4-7fa103a38e71", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc1130f4-3cbc-5915-bbf0-ce1dbe5e3db7", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:06ceddb7-0756-561d-afff-39b4f848f58e", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:28b5cb04-bd70-5b0c-a213-fb1cb5f5ed32", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a25e50b8-3c7d-5d31-b171-bea325b88a2b", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b08a7f7-22d4-5e97-a886-74a656eeef4a", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6806f291-2e76-59d1-8ae2-c0345b8130d0", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8019908e-30bf-5316-b58f-38c8ede5e8cc", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7278227a-91ae-583e-a07b-f4aa671ccb15", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7738c8aa-14a0-5e18-8ac3-e72b3441919c", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6366467b-6fed-56e5-ad01-84c0cec3b746", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4843d2b0-782f-530e-8efc-89445b024ac7", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a769993-f982-5b60-9d9c-b5060a3f3a2f", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c38e30d-f7cf-5b59-9e2f-5ef5bdb3b0ea", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4db65faa-abdf-575d-843d-b90c85f76c69", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc66cf57-a592-5a3b-99bb-925f1c45a054", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aac0ad35-991b-5e7c-a4f6-95821f41c727", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56d94905-58c7-503d-8b53-ef886d195854", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb7c97d3-5bda-520e-930e-dfc9c4e96df9", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97c10ab6-3a30-53df-b474-7436b137be63", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5bbf3332-7b73-5b1a-8531-0bbaf3782b0e", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d5eb4c4-b915-54de-b3db-3265b1fb7df2", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.3" } ] }