{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3bd058db-1b4f-574e-a4d9-e5bd1657d5c6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jdbc", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d6affb79-56fe-5927-809e-c143c547d78c", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1bc43932-82a5-581b-8b25-2294a2b7f98e", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d1cdbdb-d72b-5488-b77d-ce8b8cfb9b20", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:28ff41ed-17da-596b-92a0-d7d1136cd81e", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b6aba777-fda4-53a7-8e03-223bc19e475f", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9ecc170-5d2f-5aed-84d6-a01981bf6054", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb25aa03-e4c6-57a2-b4d7-8a01da8c5e73", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:98a18f36-b824-5465-8611-322c9a895ee3", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6b732357-a000-5428-b175-ff01369ffdc4", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1603075c-de66-551f-964c-3d9c1fcfb2cb", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df27d959-1ba4-589a-9895-d8e8f5ae4a75", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6a139e15-27cd-50b0-bfed-c0f3154c519e", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:49bdf312-c1a2-5b4e-bfea-aa87ffc434bf", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c565cc8c-cb8e-50dc-95e2-5f1a14602554", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:262234ea-adcc-5598-9747-3a15e055d886", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2272599e-931e-5e21-8a4f-f30aa5c2f9d4", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9e9e6f8c-7f87-50e6-b359-6ddd3bc5fa9f", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a04c2e92-ba6b-57cd-916a-8f4c314a3b1a", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9e9fbc73-0c24-5333-9e17-accd93c40a9b", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f1c43835-ae55-5e59-8065-141050fa6335", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:871c1bfc-2725-5fc3-b29c-355236a4740f", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9105e46c-1a34-59ad-9e19-9cbbb52b82c6", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:947e5503-c155-50ef-8cb4-1c6326b75f2d", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9a3cbd79-ab5f-51f5-a7b1-9b9242a816bc", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a5bc8634-7498-5575-a0c9-518346e97a0d", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:42a5a548-837a-5bab-8013-e9ad2c368687", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a6798135-fbe4-5a4b-94bf-59ab43e05368", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4dcac1e1-2cc4-50fc-8614-5025f1088dfb", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25c702e5-7037-5822-bee8-c138db2a1725", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9e4b1c19-5b01-5248-8748-37db3f698291", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1afe0c7d-5962-5369-b4e0-1ecacc159b2c", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b7b650fb-91e6-5783-b290-af59f2b59da5", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a36ea8bb-4157-5420-bbe4-3a6e63ad219a", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@10.1.18-tuxcare.4" } ] }