{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:252b91c6-15c7-5155-a935-2273dc087f1b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-dbcp", "version": "10.1.18-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9a9ec236-0ffe-5144-b074-3b50d4f2edb6", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84ab8ca2-207c-5eb4-b772-6d960ad23923", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:809d22d0-d3ed-5b17-be8a-968525f1e711", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9f9aecd-7889-5895-83dc-12a08211ea49", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ab9686f-0bad-549d-af2e-2e6cd348789c", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23f9256c-5ff6-5909-8b34-8fcd72cd1c19", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07f95e9f-31cc-57cf-ac71-deb9394c9b55", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85b3cb2e-3d52-50e9-8fae-a5571fac1698", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf02bbb1-2cb8-558d-a9ec-b61a6d09cca6", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa5d5d8a-3163-514b-820c-5c8e337f6ef3", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61327eca-744d-5500-a8bd-fa523a603020", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:540187de-04a1-5807-afeb-5c4de9a19ced", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1680a3d-c141-56b2-8878-a34930a8296f", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8af7f344-f4be-5348-a696-8bbd0fdf98a9", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f5739ff7-f8ac-5060-b045-ab9a36c51539", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8b21f68-62e3-5ec7-bc38-e8a8fec9d541", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:485647ad-0c6b-5646-ae9d-8cb1c7c23d01", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:080fb465-a40c-5ac9-afcd-f327b8a6ca96", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6dfba274-b4ca-5aff-b64d-525357c9075b", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a619029-1f67-5c9e-a18d-5d757931f700", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff292bfb-0a1d-5e12-8a4f-4d2cbca44aaa", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3f26bb3-7afe-5533-adbe-dcd8da33ac24", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd779bcc-9866-5e44-96b0-a7518f8c1462", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6e267fe-7747-5b38-a1b9-93ed78c1e8e1", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ef1d8af-80b2-5cc0-9c65-cddc00cba0bf", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64db203b-be71-5748-9530-0a6bc5b6ba41", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7cf268a3-291c-5121-b137-8301ed64c8b8", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87ea3d17-ce70-5ea9-acf7-de851f62025b", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb15fd50-8cfd-5929-b6d2-209f01044a68", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:629fbe91-b111-5ec6-acca-fe90747eacc8", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39ca70af-2527-5e1e-842a-9590e96b0314", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45d439d2-826d-52ef-ab8a-dfa22c57002e", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.2" } ] }