{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:959408f8-d122-5586-a31b-2eb9f0e72547", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util-scan", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c4bd1c05-195d-5fd3-8c81-86597342b572", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32e15268-2342-5866-a26d-1e20d020e78f", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:63ad0073-cd50-5257-bd98-1884964107be", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:35846bc5-9a27-52f0-971b-af21397ac272", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9ed43f60-8c76-5795-a74b-c56fd6f84933", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ae8549f-b068-54a8-b6a3-75116261d3dd", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fcc404f9-ab1b-5375-b0ae-79de27d08efd", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a468786-67a8-534b-bb78-a399cd994b4a", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ae45ecf6-ebf7-550c-99ee-3a8444dfc336", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5fdfe26b-1d78-5a7e-af59-8f57c5cbfba9", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1e6acc0c-9294-5fca-9a49-2a96977dedc4", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8518a08-a7d5-53a8-a8ec-6aea43ce9d11", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0f4d8414-13dd-5558-b1c5-99d582bc058a", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9dd2567d-66da-542b-ae6d-938bd1f1e407", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe5d1b8a-4678-5ad4-98e5-c0b8f33e34cf", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b1149c5-ec00-531a-a48b-5be7bd2b5ffc", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:beef9385-f681-5622-82fc-9e651adaeadf", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:23bdcd91-5a79-5e60-9c9a-9363065da38b", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75e24398-ef9d-5d96-a24b-bac496e52aba", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0e28d3e-4901-51c8-bf49-43d237410591", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ee82c1a2-ddb1-5ac1-b25f-49b9ec4765b7", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4f156816-3e61-5d71-9e4b-9b0c8e4ce60d", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:172afc93-7087-5e4b-ac92-835850065d10", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c690e847-12a5-5b85-8d24-0e5f4f1a3616", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:16644659-6bd0-55e9-bb36-9e75b0522414", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9add90e0-7e53-5b63-a7c4-73a9a11ff521", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fd84a390-254d-5610-8431-dfa6e3970fad", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1e41becd-d727-5e18-a883-b4438f094321", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a602f782-97f0-5744-b974-4a34aa3e0bff", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dc197c86-1179-5f6c-9578-3a22160eb8cb", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ccfe2c2-3500-5eb5-b43c-671305766ae4", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f4f287b-1cfd-5494-9d6d-d08ef508b922", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:63b630aa-be70-5c71-a980-d24fb63e1f2d", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-util-scan." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util-scan@10.1.18-tuxcare.4" } ] }