{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4de3bdfa-e7a4-5a3c-b24a-cb4a1302bf7d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-api", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a9123ccc-292a-5f44-aae9-c8126cdac6bf", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a0ad47f7-911b-5b62-a30d-f82e6d1506c9", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a0a33d2c-3c6c-5aae-816e-c36233228a5a", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:16d8cdcd-a111-5bd1-a7ab-8799f0811774", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b488f2f-5f9f-53a9-8443-506d25fc38c2", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c5c45816-99bc-549c-b89d-4b3d6568abb7", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3fbc8344-f1e4-59ae-99d2-c420d5997ae2", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:028cd80c-87de-5179-a920-31f3e82f3f7a", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7e3a2fbd-abd8-5972-a5c8-31504e2e735b", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fd1ffecd-f730-5d69-8e94-472d75cbf9a1", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d71507c9-14e1-5fa4-ab6b-ba8b7184bf47", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:23191223-6941-5c4b-b1bf-8fe145632e23", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c89c07f2-9174-5387-82c9-2beeb13722f7", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:528c10ef-5b54-5aba-a709-17c39b1fa0f2", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26c9a0e0-ca88-5463-9e1e-e35054b1b6dd", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2e7ddfc2-2029-5844-b457-82de10fc0774", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0ee01332-854b-5436-946a-d65d1370a536", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b9414b80-da52-5b87-9b79-0d7b749d156f", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ef557f0-6282-5464-a842-3f92f65a8632", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:90f5e063-e9dc-5447-b37c-d886a1dc3e33", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1c8c0e16-b4b5-5773-aac9-f18f45c5705d", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f037f53-9a22-5991-be14-26ec467f9ba0", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4525a997-cfbd-5343-b28b-82e75c428853", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e7b5ff1e-9b7b-57b9-a74e-34027c0780be", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2bfab51e-c8e6-5e0e-8a1f-dc1c10b57f04", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a683d9bd-64f7-5ab4-9e23-e3355a2ba895", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff98288d-1abb-520d-bb31-ab4be01c38bb", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d013d55-358a-56f9-865e-ed656e07872f", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:618be780-8ee4-541a-a719-9750167da63e", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b038b628-872c-5fca-996d-07d07e7a1070", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26edc0d2-d364-5bdb-b9f8-f941e8f09d4d", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eb51c980-7287-500d-99ce-b61378b4f457", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b69913e-996b-52ba-aaaa-fd7814435e00", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-api@10.1.18-tuxcare.4" } ] }