{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bc54ba2a-5795-5069-8d82-2dfbccb8cc00", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-juli", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:18f79efa-abc5-5c29-b65e-f12175ac61d6", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c1f310d1-7675-5175-9249-1e1dcc425ec2", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:226f584b-629d-5e16-95f1-5c45c6923100", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:79ac9ca6-d662-5b2c-86b3-9c21f18ce30c", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a0f71519-7cd0-5721-a394-2d04291b91dd", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8c4f8a5f-a4e5-581f-8d4c-4893c50a57bf", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cc9a5e1f-3805-5976-a64d-417e5ef6e189", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d8181893-4b4a-543f-939c-5dd2e55372d4", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:652980d9-94e2-5c59-baa8-2631973b887a", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a38c2d11-91bd-554b-ae39-27eb6be0ebcd", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bed563c6-f0fa-52f1-bf5f-0bd1b26e49f0", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b7205cf2-c956-5aa9-a8bc-5f61e36128d2", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7f0c1454-1639-5948-afe4-bed7c6ef4b4d", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a983b298-8323-50e2-844c-848129b2e9a8", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f04a9903-2f2f-543a-92a3-81b3a3a373d8", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:16b6d953-9668-5d75-85f5-44840ccc9e39", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:959bf5f6-5c0a-5a8c-8027-41071aad5006", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d56ac1ea-4e69-5da2-8fc2-34794abc0e39", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3b1fcea-88b3-5914-9e12-4a80b6b9a198", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:21c9e532-8413-5891-9153-ba849758efa5", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d4102e95-16c5-53de-934e-aaf4a10d138c", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6b1edf6c-d4c4-53da-8aa4-1c4f216dad25", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c025d60d-4f88-5137-ad5d-fb9646399afc", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7bc4b981-b59a-59a1-99e3-b696639161bc", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bc1b8e59-fb3f-5d75-9066-ebd5cb4dd893", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9ea5d219-07df-5244-bd6c-a6b0ef163e4c", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6364958c-e58c-5508-a3a7-6e29fe3994e4", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a0905c5a-1ef7-5d7b-88b6-7d5460290123", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:11edfb08-6567-5244-a5ff-2e233194704a", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4c719e22-1221-510d-b84c-53c84a463ffd", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ae4b518e-13b3-5e3b-abf2-0167187419ed", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7fe550e9-d4a3-5c53-958e-c0b6186acbac", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d722b99f-69e9-55b9-8b6b-98f0b38bc058", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-juli." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-juli@10.1.18-tuxcare.4" } ] }