{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eff1aabd-db88-5119-9789-3eacc149441a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util", "version": "10.1.18-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:74ad2b81-efd9-5aec-88c2-fff1b174023c", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a1ff5ad-a8a4-54fc-b605-624eaa517f4e", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:71728106-5352-5f40-8aad-9975e39fa49b", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a08efbaf-0f23-59a2-b74e-14a7a633351c", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1dd17128-22fd-5b77-bd53-da6e5122d288", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad5a4e11-cc7d-5f5d-b58a-bc53eeb498e4", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:51ef7f2d-dcf4-5fc1-8ffc-ff2188f5f221", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:277f07d6-69ff-56cf-a3e3-06d035767e52", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9fba401f-8c02-5dfa-9030-af6117a5c281", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:934d393e-d732-5076-a53d-4e14b2d8d4b2", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:50c04c65-d083-575c-a0c6-e06b4d276e67", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1126e09d-32bd-5d6d-9dc9-aa9402ee1c3c", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:95ee700f-c229-587e-8dfb-11efb18e02ae", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:761c5912-414d-5dad-9330-6c911df7b2b0", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:529ef09e-11bc-50b0-b901-6799ff88a02e", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a3d2fcf-2911-58c9-a42d-5ea2594f7126", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:74d06148-9fe5-595b-aa0c-252d9da5860c", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8cfab4e2-536b-541c-8712-6efc285afa24", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f1b8319b-c235-577e-b8a5-b82343889565", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:50f48252-ce72-5f12-a3ac-cc36662623ee", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c117592-dab6-5e30-9417-873bba83a557", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8afc5d9-f67d-5421-8391-a3393112269a", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:13bbd6af-8a4c-57c0-b39b-1b3aaeef5145", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dc8075ab-0785-52ff-acf1-b0bb70127119", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f11ec9c7-34fc-5479-944d-41baf72a0681", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77907bce-9006-5028-8387-d840f6c5f337", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a1da87e-9647-5b7e-958e-20b6733b429f", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb40b438-f1b7-5bcb-92f2-2bf4edb3523c", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a94f3d4-149f-5702-a05a-c24605088de0", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:069f79a6-b5a6-5864-9b30-0908e36e40a9", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a3b704d-59af-5bba-813e-600847e8a3f9", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6b9eecbf-bd71-5c82-9db0-1c84988adbed", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.3" } ] }