{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b7472ce5-2c3b-5176-9441-3e74fa4829aa", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina", "version": "10.1.18-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b4c6de75-305f-5348-8e61-b4ae9f43cfbc", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:44d61ab1-8ee5-5e48-abd9-45fdcd1a51e0", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:38fd8bf9-59ad-54f5-b381-caa9eea62886", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b912fb99-e371-5d7b-bd01-10c96a67c20b", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cf6e5d20-fe71-512c-b741-2008745ff13d", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8a195177-7eb7-5623-8580-ba87f384f009", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:36c9c8c3-b5d0-54db-8ece-677aa2c30557", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e3a8fae3-7e86-5160-9e0c-476cb4e20272", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:503c9c1a-5f3c-5cd6-92f4-eb9a66b3ad19", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7afe6c01-7ef9-5c21-985c-ad470ad3e776", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4607465d-1f60-57ab-99e5-945dac5e75ad", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:001c0c43-8364-5bec-8f55-cd293b1b39fc", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d4f61de5-90b9-597f-a338-d3d4ec56677d", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:397c0333-2cf3-589c-a09e-effd4f71dca0", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c7b884a1-86cf-5080-a2ba-8758bfac3a2d", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:39ebf68f-2e07-5292-bfd6-7ba912276705", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bdc5ddea-2266-536c-84ce-84834f11e903", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a6e4de21-76c9-5fea-b2c6-be54c8d02ba2", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:78c6c734-f15e-560b-88ac-f2dbf42b1603", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ecd3100e-548f-5199-93b7-f9a597c05224", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9ba9e748-34ed-5f4d-8a47-e35ac6dfe7f6", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:67b0a53c-f121-567d-a73b-5ebd50cd8c66", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8ec1840b-6ce4-5a92-bd70-f57299931712", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cf7f0c7b-0bc8-5251-b368-b8d6a1b57bde", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e2440311-098f-53e8-82b1-a7c7c3aeefef", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af278f3b-3f65-5d02-b9e4-b4e15015c69c", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c18198b5-4a91-532b-9b4c-d1bb78390735", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c311a3a6-7985-501c-8a07-721754707336", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:36094264-1a51-5c2c-a9b0-9bbaa7f10eb2", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4a79d015-c47c-5332-a930-cc778cf00a18", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ecf90f3a-6ba3-5a14-9151-fc26149f970d", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:33ffd4f0-3a68-5fa2-9806-eff884d88e7d", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bfcc4da1-ca1a-58b3-944a-b14348f97adf", "id": "CVE-2026-34487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34487 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@10.1.18-tuxcare.5" } ] }