{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:81db8ca6-de3d-5806-9e98-14c2ff212e03", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat", "version": "10.1.18-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3c799d1e-358f-53e6-8cf0-c125ea54409f", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9324d6b9-b8d7-5daf-9aa5-d446c35ac718", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:73e0d0d4-a72d-503e-9a77-0efb89852484", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0675eb55-7c16-526f-bc20-5b6c72cada2d", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:37484071-1eb4-5daa-b84b-a579931dcb33", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2a10bc36-6542-5558-9ed1-97869b9db889", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:37fbf618-bb91-57db-81fa-b648731bf30d", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e1f4ca75-ae42-5712-a749-700dd0a77e12", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a59815e3-1a84-5189-a73a-44fde9ad77a3", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0817ac9c-43ea-5e0a-b0b5-735cc068c134", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f0ca5414-a8fa-5507-b239-7f6003d7249f", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb3068bf-3dda-54a4-9675-149c26e93205", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1e4c5caf-5df0-5ccc-b33e-b67ff612ccce", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d3545b84-14f0-5f4d-bc49-275755374bb9", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1f24eaac-dc08-533e-9bf6-9fc54d4c7730", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aa9634f7-d4d6-5d87-b79a-c419d90b44fa", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:afa19682-88ac-5e9c-a0de-876465d0e67e", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:92281e16-85fd-568b-9427-7d0c793ecc2f", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:32a6804c-a49a-562f-bbcb-871b58a698b2", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f8be5885-0585-5172-85d8-0c25b4680f0e", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d1e5cfb0-6d91-5e0f-9b28-b734d399cc78", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:762aa6fa-2134-543c-a85c-ea7cf299284a", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b4892af2-2fe7-5fff-bb4b-b5cd6bb30e66", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:30eddf3b-b062-55a8-b52d-1f27d533990c", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bd05789b-5d01-5f05-a2d6-b07eb7a1a124", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ac72b0e3-6d0c-5063-a857-bbbc4a5e57b0", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d39c344e-8423-5704-b503-5226a7e40872", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:351cae85-80d1-5dbc-b20c-1e07ab537e89", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:54e2674d-8e96-5eba-911f-346a0eade358", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b255ef8d-0cc7-5140-82d6-2f1f66472464", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:279b6b6d-def0-5d51-8771-523b36b6e3f9", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b5e4b156-580f-53b4-a6d3-510368f35111", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:60f93470-1c64-5ba6-83ab-60be7d674a92", "id": "CVE-2026-34487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34487 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@10.1.18-tuxcare.5" } ] }