{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:90026bd7-17ae-5820-b93a-6fa0a95bc037", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-util", "version": "10.1.18-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0e036c66-4953-520c-ade1-fc7c8963b0bb", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c91f76eb-7514-5ea1-b23f-e5a3f6213eea", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:595b90f9-896e-5677-abee-2d56050d4068", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af48b0dc-51b4-5862-a925-24562e4eba02", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3e3ede92-1ad5-53b4-9b2d-7f68c97be83a", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a4a6bcde-09f5-5bec-a179-35cc147335b8", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e44d2e02-5f3b-5bc0-8f7c-04d97779d638", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:039022b2-8fc3-59a8-b0ea-2c25f382af16", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:635ce56c-7442-57c0-8ff0-48e581d5ffc5", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:17098f8b-3938-5506-a1de-2d32ccc63f8f", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c65fc102-bcd8-52e3-8c73-790cb8d400e8", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:676235d4-3257-58d7-80f0-a92c1309497e", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5a2e8fad-1e74-53c4-b6b0-8fbf9b07816a", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1755682b-a775-5d80-b34b-1a0546f01f92", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e44bc007-f4c1-511f-bb61-e276d13ee196", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bfdbd195-b8b1-5dbc-84fb-2dfc1e117330", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b4f76f46-4b87-53cb-bfb2-c82d1608ddb0", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:69936713-459a-5160-8652-0592ea9e4c42", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:65110d57-0eab-5817-8e10-57414ec3a0d8", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5563cc65-7dfd-5a39-ae84-2b50f6866515", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c3b44553-4513-5c37-8894-2036927e0cdc", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:574c6ded-dd73-5a5d-bc75-1660114302e5", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ada68657-c07e-52c7-956f-a34e49fdf155", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:58ffbe59-25a7-5ad7-b862-ed0f566a19c5", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5c69ecf8-ecaa-5882-9317-6312b2d36b2f", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b820379a-46a5-59ef-aa41-652a8f944a4a", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0a66a1f1-1066-5385-a2a9-534e7a050674", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d950a953-2265-5d8a-8826-865ef7e379d6", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7acea7d8-9747-54d4-9900-584de022f0d3", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a3c2d122-cbd6-50e0-8502-2640c6d5977c", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5ecfd81d-861b-5734-a8e4-c52c4da653ef", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:21703737-5a48-521e-bdf3-0b2a61b6ad74", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f6afd708-5ccb-5831-805d-99d9ac31dded", "id": "CVE-2026-34487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34487 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-util." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-util@10.1.18-tuxcare.5" } ] }