{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9c35bfc3-2e80-5dc5-bb80-c400a53d2b8b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1cc3047b-af03-5901-b438-318b12440fd7", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d51f4821-6254-574c-b655-e48fd77ef3a0", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:febbfec1-501f-5d60-8545-6b008e471808", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5181baa7-c4ea-555f-9449-46b83693e851", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bba289af-f3ba-5fd1-832b-e492d5fe9129", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:add09f56-84ba-5ebe-83c4-426f11056df0", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7238b915-9a41-568b-9aba-be592c8c50ee", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b524fe7a-aa91-52a9-a13e-9a1f659ab64f", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d52ce621-7627-501b-a972-e04fc5c86275", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c4f279e8-6e0b-5653-9386-44fdd4e6707d", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f93664e1-8236-5415-ace8-b321f8f0dec1", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2bdba17a-4dc3-5f99-b802-b85b51f73f6a", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:95f1fb00-82d7-505c-91ca-c810a6c0cfdd", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:79ad2b57-8a12-5b2a-a169-9c2e1f3c2658", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:02470ec0-4e83-584f-9584-5d612d984fd9", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a930aa38-ddd0-5567-aa87-a9963e2b19d1", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:44ca8b0a-d2c4-5f08-b2a0-df83a2563e37", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:68af0dc0-47b7-5477-a7ad-b3682c7e81ee", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b463321-b8f7-53ca-a6f0-deea03639f21", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4ef5a317-b455-5711-aea0-6facc70af566", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dd120b68-8d54-5254-95cb-80f0a400bd68", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f8a22203-6787-5980-bf33-77d8a1182881", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b4860c2-e4b8-56ca-b420-502f2f32488b", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:703ac650-6acc-5f64-aff2-047c1bd2c2b7", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b7a80f96-cdcb-5d0d-b34a-0eded70bfb4b", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:27d8d37b-ae76-5adf-b1b2-906a46614be0", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9ecb2c09-a183-5262-845e-9a4669a3f566", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:24648e91-1817-5f04-acc6-2d9a8962121f", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a187e1bb-38d3-5b30-a1da-3eb816269766", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cbf737bf-afa8-5358-840a-4b7ffdeecc52", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:98704516-e0a4-5889-9cdd-803bb6fe0300", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91176e0d-982b-5d23-8bc7-ae4bad085df6", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a7021bd3-a16b-5b5d-b39c-4e006e6bc359", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.4" } ] }