{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:89083664-5636-5fd1-a5eb-2c343e125ec7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util-scan", "version": "10.1.18-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3e425ee6-48bd-5a8d-bfd6-bdaf60a864b7", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c578e5aa-636a-526f-b1b0-f78f61377248", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:760b23cc-6002-5e20-b5cc-3e9acee52b83", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a43f282d-a5f0-566d-aec7-cbf5b6c46e30", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:07763637-ed0b-5068-92db-49215507624f", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:275125e0-48fc-5a61-9458-ebd782816a65", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4fd35a19-97cd-5284-9b22-717c95881321", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:53d8e96b-9d6d-50ff-888f-ffc643e08866", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ad59e2b-545d-5bdd-8f5a-ab662a5728be", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:53f2a1cb-01c3-5020-9d85-c94c621e43d6", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d7942337-bdd7-5858-a3a9-a1f0d40ffaf8", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dcc158cb-793b-54b7-9b96-6b8a9a0bfbfe", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba1b13df-75c4-5727-9894-fe866bbca683", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a41fc6af-cfae-5fb9-b3dd-aa146e8d67e0", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6088991d-35c4-5c82-9596-63d1a9f3c684", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b222f59d-75a4-5b13-9480-7cc91291b7bf", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d58a7c87-f0f2-5283-8415-3cfc6ee01363", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:349f2bb2-d936-5885-9014-5f8fda3664b5", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3ad1c1a2-8ba6-59e2-9307-8b761a64dfcb", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0042848-9606-504b-b66c-3049c882526a", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7b442ff0-1de3-56ee-858b-ff603d5f2525", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:413ce674-bea2-58cb-9907-baaac99ba3c9", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:645a9ea3-6b50-5768-b9be-5fc769b96f71", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:13d9e539-a848-5fa6-b366-d8a2badd9b00", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1573127-481f-5d9d-a53d-c0532d8b8481", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ec0ef869-6467-52bf-84ae-1621dfe3788b", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf51d97e-aba1-5e8d-bddd-c95d69a52a4b", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:697ce7cb-8368-5085-a934-c5a53a7f38bb", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:116cb939-9b9b-57dc-8753-9bd8722f6c25", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4636fac8-1e0f-58e9-a1ff-1c4cd5a05e5c", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8c429582-44f1-501b-96f1-f2c8d6a2c0f2", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cac4721c-4c0b-5b06-90b9-61d4969790ef", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.3" } ] }