{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f160b0ca-4bfa-57aa-a0b4-46e628e374ba", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-servlet-api", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ffcebeb8-18be-5a7d-ad6f-ce58aa93a0d0", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c9852ea6-9d4e-5888-913e-d1029d087a04", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eb29328f-36e3-58db-9cc3-aa42dbbebd53", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3694f6a8-5ff5-5d3e-9474-51d2e573756f", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cf0734bb-0644-5c34-a192-55aa2a2b65b6", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cfdc057d-0b8f-5567-b32d-065867726905", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac278211-12ea-56e4-b9b7-171a01eda345", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ca0aafd-f884-5d6b-84a6-b4c3d9e1e3d7", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c9d14b89-91c4-536c-bc85-547be0fc52d2", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:81c082be-3650-58cd-a107-f34bf2af1830", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:08ad05d9-2ff9-5438-95b8-48c20336c10b", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fd339474-70d8-54ac-896d-5da47e2dc208", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0a47413d-a4e3-5ec9-9f51-59addf291227", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e4e95f65-e31c-5cae-a9e4-3544429aeb6f", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:94c58c7c-f9c6-5f99-84eb-0047745a29aa", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:98ca5acc-d300-5e2c-a89f-caff4d6e3e03", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bdf61bb5-2b1f-502f-a419-1b44a24b1bb5", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f1459304-6aff-56b5-bb57-e8ec341321fd", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dfdcee9c-638b-5bef-b120-dc93de240b99", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:465bfadb-ac49-528e-9fe2-68bf4a8ba061", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a67eb6f4-8ff0-5ec6-ae8d-e62d1334c441", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2782d261-d56e-5b14-aa64-1dc4561714f1", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1fd0e64e-5254-57d6-8e5c-6994a97b8496", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0a835182-7285-504b-9365-647da51965c5", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7dd486be-7c5d-5d6a-8e32-17e3f43aa2a2", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69644671-d9dd-5749-a472-8052a70b5a24", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:20c57d20-8e98-56b0-8bb3-cd2d8a4eca22", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:04ee3256-8351-5245-97fb-3d2d22648af9", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e567e252-c023-59de-9955-1dc8a84ff645", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a7e07fe7-569d-567a-93d7-fbceb8a90302", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bfdc5007-ad5e-5114-ab4e-9f35037704ea", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5fe0b59e-2124-561b-b762-e04c83454234", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9c514c48-1c1a-51cb-936f-73ab45ce314f", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-servlet-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-servlet-api@10.1.18-tuxcare.4" } ] }