{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b81133fd-57d1-5eac-b448-6945a95cab39", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-dbcp", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c35f8daa-6b83-5dd5-a78c-bd4fccccd1c9", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:45edfb57-608e-55bc-b9d8-b141f8d58477", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:79e09507-065b-5f6a-b596-d749c33c12dc", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:51911ac1-3147-516f-8b39-0f358d934e15", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ca1e4e55-256a-5931-a607-6a7ba387e782", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e517a4c-da14-5701-b53c-a6f9dfcf030d", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:46c4123f-031d-5013-9847-458eac89e8a2", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a6004bd4-cb36-5326-965b-71e34b83b1ad", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:040f4007-7e36-515d-a315-bc246f89f529", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a916623b-3352-5a4f-bbaf-9e6d3db52690", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0639c675-7fbf-52ad-a1d9-c1896809961d", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:71a954ad-a0f0-56fe-8716-2c31c2ca8f1b", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fada94d7-15c4-5c54-ae07-b738c63ad132", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6b3a32e6-2ea4-5e76-bbaf-676e724a5abc", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:343e0f50-9902-5463-af40-d8ba221c6240", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a25db401-4419-5a46-b7f8-713606f701dc", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3751653b-cabb-5aa0-a7e5-9b3ee489bc1f", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7894928d-a9ab-5337-a4f0-33213da91c62", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e74cd5b3-166c-5e15-98a3-557463fe0f16", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0a066c53-35b9-5ed8-92ac-096b3b185cd1", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2191498a-20d1-59b4-831e-79959c5a5ecf", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f73815d6-cc11-50a8-8559-bd88e4c93ef1", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:598a9605-20a0-503c-b258-e80d582740e7", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eb83b752-5120-5331-b81c-33c734f56862", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e3404224-35c2-57a5-bb2d-84d0fe1c6094", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e6d4cd3-9394-5ee2-925d-7917a77e17d1", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:57997dfc-69e0-5a73-93de-b7a9cff8b923", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:00f15502-4f7d-5d5b-ba36-e0879d5866aa", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:44137462-4100-55b2-89db-ad6bb6a234ba", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:02bcfcbd-8542-5f54-932a-25b7fb910c5b", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5f248ac0-52f2-55ad-9023-e6cce95651d9", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0e3a9068-2198-51d5-a759-424551e9faa2", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a031311-7f70-54ca-b7f4-e54990463ebf", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.4" } ] }