{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c171c89b-a6ba-56ef-90b7-245fc079f48a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-dbcp", "version": "10.1.18-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:90b50498-c202-5164-a708-6c938367cfd3", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d756ff0-083c-5564-b32a-bd630e2196ad", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:19947feb-f072-5a31-a94c-a73dd8628b35", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f265c3a7-8197-5a34-8393-ecf2921365d5", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ffbbc595-0ad3-5001-8d2c-2b4d6f2c004d", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6d57c9e9-523a-5a48-a049-145f8bfe8e43", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5078b396-4d91-5465-ad55-34e995684dba", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fea66450-fcc9-58ab-818f-04ea0bb8f125", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:401095aa-c2ea-54d8-9831-bce568080648", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ca02e63f-4286-5f4f-8b83-82dcce08d67a", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9eaeade7-87a4-559b-88cd-3e53d2f096fc", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d4206419-7a34-525b-923b-8eb87bd4beae", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c8aef943-b672-5519-a73e-ac988f099804", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fbb79307-7f44-5774-a6da-a58910263ed9", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8a3b422e-9134-554d-adde-c8ca4658109e", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:65da1045-a045-58c5-85bd-75f8acbbab66", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:afbdb5c5-5579-53a1-84c8-ba4b9e13d559", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1d03c036-9052-515a-9cca-9940564329f5", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e1de8c30-213c-545b-9417-434ca0d5efda", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b431efb2-0d62-5276-a9ef-07e80676e831", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:830153be-d19b-5796-babc-01f0ef3db0ac", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6e7bbbba-b560-5fb0-abe3-717c352550a3", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de3eecac-df21-545f-af3c-f1681dd19140", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af0067ef-81c9-50ad-b694-c5999db840a1", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7f1a1893-b47d-5c48-8f4c-ef098eaa99b2", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ec362e92-8494-5a78-89e2-ac16292cd426", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:70eab858-635a-5bc3-b5ee-7b974f96557c", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a22c59b9-2982-5174-93d9-d37ed394e9ad", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ab594894-8201-5503-89e3-f08009540ed9", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:535d4ef6-b788-5af2-9855-38066d7a3d0c", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9c9ff37c-a933-56b8-a7a2-a6401ff1cd65", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8fed0f07-4615-58d8-8d79-4bae3bc82111", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4ce79bd3-877d-55aa-906c-e38ac2511059", "id": "CVE-2026-34487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34487 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@10.1.18-tuxcare.5" } ] }