{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ee58d04d-0dc3-5588-853b-541c7d8b85c2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util", "version": "10.1.18-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f1caba61-6405-537a-8fc5-b7cded9ef298", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ee33e1a-99ac-50e8-af6d-a4337bf5a5ef", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16d2dbe0-f6df-52b2-9367-7980209edd88", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6afff4c5-7678-5d56-803b-bd473a4caf9f", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95b8685d-fcb6-5d45-9712-b3a186138ccd", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c28741d2-e713-5abb-bfb2-642e2330b92a", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff0c4b38-ce2a-57e4-93a3-ebaa42a67601", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:614f19e5-5bd2-52ff-8b7f-52deb930c6a2", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b835548-aaca-592c-ae11-02ab7f4bd436", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3df4cfd5-93d5-5b23-a942-0ef44c2f961d", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aae6fa18-ecea-5fcf-81e7-ed2c23ba3d02", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:936878c0-5339-5283-a823-fa0403c05e94", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd50d5ed-6ded-5f5c-97cb-3f412c083834", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbbc13ff-d93e-5d91-b936-dd7432e7d1f6", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:491c9180-2645-5158-bc89-950bfb1bb2e2", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd795078-ff23-5d51-9ac5-4f4506381d4a", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50011515-05f9-509c-baee-91296b724ec4", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8707b14a-0241-52cd-84e6-388a73295a37", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de6ee984-8f66-5ed4-a5f2-b8e0a1a4db88", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fece25cc-1d92-512d-9cdd-08f10245ef04", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:492b4ed8-3fd8-5104-9a78-5b62634ab5ac", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c162c2be-8e20-5bd6-922c-78dac2dd2a26", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b965109-2324-5fe0-bb53-47c31b71624a", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed6d75f5-7128-5534-bbe2-044b862e33ff", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf28b539-b8ea-5cc1-92cf-42ed5297f37d", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d5f34e6-8542-584d-8060-6585c6cc8415", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4f7c604-fd50-5659-870f-c853283aa7b0", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41d9b497-a463-53a2-bc11-d24ec412011a", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:779e2e7b-7946-51d2-84c3-43b91766e835", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6e892c6-5e07-5c31-8108-7519fabeacd4", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:110a8617-d698-5d14-a8ea-c704fb965912", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b449c18-fcfa-5347-a7f6-c56f2d584056", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.1" } ] }