{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a3706c62-13d8-5c34-b979-7f7fef4e97cb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-annotations-api", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:68f6c60f-fdd3-5c20-a753-b1b8760d9782", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d3692b0-fb30-5304-8e4e-b37c6943c1ca", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6ffdb93a-2996-586d-ae3b-925c5d06b50b", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3faab90a-d936-544e-8293-0ebb4ce1fefb", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b57daab-4bd3-557a-b968-471db3bac34b", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c69cddf7-8505-51d4-a0f6-f8f1d7e39e00", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:073a0c48-9568-5fbf-b22c-05655e0aa4b7", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6a1eefab-d851-589c-bb24-55c9239d7e58", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dce79cd8-cd5e-56c2-90eb-735627f670c4", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7250845c-65db-5bd1-9d1b-22fc418a51d5", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db11968a-6a7a-53cc-80d0-c03124683730", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fd34ca88-d7ec-5ea2-b7cd-ec3982b9b5f9", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9c6752b9-6392-5aad-b4af-4c732528c39a", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:87a29e58-b548-581d-8e60-9e18e8423c26", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1a3582de-d860-5ee1-975c-18f847218924", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a01868c0-e94f-5c22-b5a4-e19906b1296e", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:51ce2316-1392-5c71-8e38-51cb7555730d", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4f655c42-948e-55d6-951b-b23ab44b4374", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2489b5dc-9a9c-5bc4-b675-e3f442141e69", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b180159-5037-55d6-8cd6-7e247153d1f0", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96e3f550-6e98-573d-b297-68c3b9b9940b", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e7ffd432-41e5-595a-8f40-67119d6bcfdb", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32734d09-45cc-548f-baf5-0fdac93bcb95", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96a62b96-4756-57d8-9f43-2ba0dc9638a6", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:56fee90e-7d4f-536d-92aa-d04355a76260", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac348537-7a59-56b3-9021-294c9df74a67", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:09877b5f-9d61-52f6-ae8a-93e50529148b", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb77b78b-29b7-5943-be8f-5909ad208e4d", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1dee3fac-9143-5f12-bae8-422b1050e85e", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9819d06a-b36d-57b5-8e66-1597a5c236b5", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:054b8da9-6930-514a-972c-8ee13dd23917", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:601480ee-d94d-5808-a8f4-5342d01018e4", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:40d4c7ed-07ae-553a-8b31-6d265dec9aa7", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-annotations-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-annotations-api@10.1.18-tuxcare.4" } ] }