{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:87bd6008-9299-58c5-a802-6c578f15deb2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util", "version": "10.1.18-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9e6b7131-6a3e-522d-85f6-9bf8724a0e88", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42e583ac-bd4f-5a06-980c-248fcdf981a4", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a2a2265c-00e8-5376-be94-c24f9cffe00f", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:364235f4-f85c-5790-aa3f-ecc6d0272030", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c888476-3755-53aa-9d52-a187c8554a7b", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f979d86-be77-5279-a6e1-92bc8d393575", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2cab5367-90df-51e6-b510-96e754e44b79", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b5ff373-4780-5162-8ac3-d33c923bea89", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:211e7130-f0dc-5036-be20-8dcd50c33718", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c272687c-b2d6-54c3-a587-626bc2da1827", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7937e9d-1b01-5b97-9786-23952be99efa", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29a10a79-0637-55c2-9f3f-55462da523cf", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee7a887a-b19e-52c6-8e6c-5560c7622cc9", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df18dfcf-b657-5525-94e2-28967dd9e20e", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06c5701f-b9db-595a-a095-7c78d204a6a8", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab850058-3b19-5f33-8097-db2c36040b03", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2f5d26e-9850-5144-903c-51392e67bbd7", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:279c8ce0-9899-5f6f-8ff2-cfda892e7a7e", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e14633c-47b9-53a0-bc5b-a5b5ab24d57f", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0232e05b-4220-549d-b909-d4bba1f34282", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b053a477-576c-5513-92da-424ad6db3b32", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a55debb4-98de-57f5-8d12-43f88c8f086f", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f88c6eb7-bfc3-52b5-bda6-ce237514344a", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59a1f79e-8a35-558a-99c8-e01ef6c0ef44", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d66fd2ab-881c-57ab-bd40-582e80cf2e5c", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1f70c1f-ac8e-5404-a7dc-03539df0eebf", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c4f4ac2-dbab-5b98-9420-12f9173e83b2", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4de4caf-8de8-5917-969b-911b6f86d9a9", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:425aaefa-da5e-5fa9-bcf5-3f77bb5e32d8", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8440be6-5b8e-5edd-9290-ced7349880f2", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b3e0a3a-a5f8-5a14-9c60-67c999078d28", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4e2b558-642d-5580-bc44-90cf71604b50", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.2" } ] }