{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:829b42fd-f010-54fd-816c-4ed2f6fe707e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-el", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f9ceac92-cf8f-51a8-9fec-d7c8d57989c2", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a128e1d-fc68-55bd-be1d-9b16270234d2", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bdb6602c-92bd-5c4e-92aa-bb8c783ddfd0", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:294bead4-9a8a-5f3c-9087-91158890527c", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:556398c3-86cb-5494-8d91-f9f4b8d579f5", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:be684a8d-42a3-5c81-91ac-30863bfae8ac", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eb90fce7-7566-5ddc-8058-fb7b281e0f03", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7d9d2e38-a77c-5613-bb8d-b95a15c659cc", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:babe3106-17b5-5951-930e-7400412c0441", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6491b429-28ab-5d14-94f8-51e3939959d6", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b916718-6056-53c8-ae56-0b7d30ba42de", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aaeb7091-c089-5d52-87ad-064223ff5278", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b6b1c0c-d012-5c8c-86c0-0a202ce82f1b", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a2c6f843-b239-51ba-97ca-8138e4785a48", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4e7a937c-f320-5fdd-988a-f2107e45f84c", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c13c6163-30cd-510e-be31-e0b90311a2fe", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf5462af-20ff-5579-8006-821c9666a35a", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:465ce618-aebc-5fe9-9827-553bd43950e2", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ffaf7519-bb7f-5798-a7d2-b06307115103", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9f1e31cd-1e8b-5013-8f89-b8ea35624115", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8af720c0-9a52-52bf-a018-fca777508338", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a9bdd40a-b94e-52d9-95a6-a9ba25bfe9d2", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2eeb3a74-1558-5924-99d9-3ef9ffcdb163", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:195168fd-096d-56db-ab6a-f64c5aefe2fd", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:65960245-413a-5036-b772-d70cc2590b9f", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e2d0e1a8-6b75-5cb3-b517-076c7e85d013", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0468b8ef-55f9-565a-beab-42a81bba3044", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ccc3fded-c9be-580f-a190-374338cef2b6", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b92b19d3-552e-541d-a485-06cebba4cdb6", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:33d2f71d-2cca-5ef3-bfc1-fa961181c446", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c536383-da87-5618-add3-73f7d2d5a4c6", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e3c3a09-d812-572c-89a9-580b025e5f4c", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1d2630d8-1291-551c-bdd0-12ee49ca59d2", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-el." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.18-tuxcare.4" } ] }