{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:19928a8d-4f07-525f-a5ed-fb3040cd0a0c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util-scan", "version": "10.1.18-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:aaa3ccb4-eb5a-5a93-ae58-9551586910b6", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d17fa6c9-ddca-5e35-b08f-bd4d414d302d", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:afbdface-eb0e-584c-80b6-da163bb89920", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d624daa-4773-58df-a6b2-cf7240b49847", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:547d89e8-0c11-556c-a0de-213ccbd40efe", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:add14a35-ceb6-5ff4-b534-837a5edbf108", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:882a266f-0af5-58f8-b14e-f81c1dcdfe68", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea9c12de-ac92-59b4-9b09-70b04045ed71", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81db3a53-039d-5427-886c-1d8c6edfaa2c", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ce2793f-726a-5f55-9de2-bf4b757aeb47", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8cbebc57-07f0-5d34-8e87-92e972d4611d", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39154043-8f03-523a-bfc3-1d186279d001", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f8ad104-0fc0-5646-9f48-380159b12dfb", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f515360-9010-5105-a727-ae6757110e9a", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5321135-d6d1-5e96-8997-606d000dd6cb", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49f3b36d-cd61-5c08-bf85-1087455343ba", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:093fcf0b-19b0-55d1-985a-d45e54ab3a70", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89b3a985-c67d-5a51-b27a-fd22ae4664a5", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3dccf019-62c2-5d05-b46a-9d2aa9085fe8", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf208da7-fefc-55a3-83ac-c00f004c77fa", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6f289ff-62c4-5145-909e-07dcd8fa816e", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d2533a5-c9b3-5e2a-9e0a-575e5180bf48", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b94aeefe-4ed6-5ecb-9d5a-84b93152f573", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad8f4f84-a290-5508-bf92-3d26287fc9d8", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3087b77a-7ebe-5727-9384-cb12d13f445b", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2228744-aa6f-5859-99fc-760477f6e576", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:776bdfdf-1aa3-5b9c-b739-36566044a1f2", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52a3950b-bee0-550e-99e7-00ccd8ca6473", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:806f61de-3772-57d8-af79-6392d88922d1", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:666968b1-2965-52b3-890c-28c668f1711f", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ff3ff4d-90d5-5381-8f32-1e8708694b45", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3ea94ec-3f62-5e2b-a0dd-fb11a1ee251f", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.1" } ] }