{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:896cb306-dfed-5c87-b50f-2e83f6e621cb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina-ha", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6b602ac3-7690-57fd-af32-3d46ef86b2a2", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8bddf858-2e4a-5039-85a8-c5c2b04a8a47", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a9d41be2-ec5d-5ba1-ba55-a78841ca9cc6", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:24836155-276f-5219-9ecd-465935bade05", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:54d7670b-492d-5491-92cc-63dbb1bdf60b", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d267962c-c347-5f55-a2f2-1b2a26d25182", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91e00427-8411-5160-b97c-882e4b4557b5", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab8f06d7-687b-5aba-821a-61bdeb2783f4", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:626fde88-cfbb-5da4-bf6f-b7b630256338", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d12d0e2-2968-50ca-b4f1-995be1188b45", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f5bd8233-7539-54ed-889d-6fab47d2e9f6", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e04f3269-0b44-50f5-968e-2984f8633a18", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3413e8d3-3e8b-5dcb-9c53-68875b52036c", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ba6543a-cc36-5974-8df7-86f121571e22", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37cb4bb6-38bb-5c37-8638-56b0e2e92420", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:46957fd3-20ac-5431-a21f-2249776a4376", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dadc6e30-84fa-555a-9c8a-4324cbc1f5e7", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ecb45cee-eda6-5244-b9b9-adb4fdb7007f", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:81149790-7dd3-5e74-a22e-52170c8f0f0b", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cafea24b-a47f-5945-8620-6f469587d84c", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06cd8e2d-6f4c-5927-b0dc-4bb9e421983f", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0943236d-d8d7-5a66-a565-be90db288649", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c5c76724-03e1-5c3b-a2fc-957ca4280ff4", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a9fef8f8-bb77-58c1-ab20-f0eacbe13250", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a8bd594-07bf-5b84-91e7-43bc90bcfb92", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1eb16d41-7087-5033-a595-28fc102011ba", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1e7e7d72-7c9e-5513-b9db-2fecb77ff13f", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8d85c200-0f28-5d3a-8762-21973e1f7e8f", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f97194f5-37ae-5665-9722-bd1ad3267491", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9e2dc462-5fc0-5b85-b8e2-1deb711aca63", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a55fdc0-1b77-5a85-a0c2-ee53cd7afb9c", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:78721282-2674-5c6c-b6d4-8bbb7e1ea088", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a7533343-03f6-5f68-a41c-b67d3476be26", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@10.1.18-tuxcare.4" } ] }