{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5abea24f-9bfb-51d7-a2be-55d5962d437d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-dbcp", "version": "9.0.100-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:999ec96b-1f71-5a7a-8e08-8f66db2df61b", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b35596e5-e9f6-54ec-b2d1-cdebb9a7d5df", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9172220a-352a-5c01-9b13-05d49e58825b", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51775281-516c-53fa-8d35-633fd3ce38f6", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a559b61-b8c4-5394-9e12-97fb5ec21796", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:393846aa-e03f-5238-a057-e27332afc5b6", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:727b4f5d-1374-5080-b687-0ecd54604e56", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7cc4e6a3-f624-5e5e-ae0e-efe61a02c78b", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52b6198e-9b86-5650-b99f-da60b261590f", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:385b7e33-aee7-5aef-8921-5e6b5fe3bdc5", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a1d8a52-2abe-5a16-b3b3-7faa50bd6b21", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c062c4f-c188-595a-8a2c-72a24c974ad7", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:edcb794f-55a4-553e-826d-83801d3b1499", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5df027fc-21e7-558b-9f19-801d09c80897", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ac1c1b4-3bfd-53fa-bbc4-689dd645b38c", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f860b9c4-6a67-564d-a83f-b5edfa716749", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d6ddddc-277d-5ab0-8abc-58b32694db48", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5001e3bd-af14-5af3-b748-dc84e63f53c2", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7969eb6d-ef29-56f1-810a-f3171a90092d", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5bbb24cb-f48a-5c1c-ab55-4e8b39e50c56", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e3a27c0-00cf-5363-9017-143fba45a309", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ea253f9-62ff-5d34-8c8a-c819c58ffae0", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abf8ca8f-9b22-5ab0-940b-88a3d547ec9d", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d502d22-0214-5e45-9d33-d80f1c38ce7f", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77a8df21-696f-50d2-9e22-a5a545dc87b7", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d756198-5a36-5982-ac11-46af0fdf6f31", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a82128be-cac2-50ec-a8a6-2b72f1a3b7e2", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54b2d176-0dd0-56cb-b988-3681d2a03d22", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8471f364-694e-52c0-b2c0-43ec1b9c8734", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eeb0fb1e-1f18-5523-9795-45847c0b3613", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ba50791-bf23-557d-92c7-879ac10d4400", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d4f7342-2768-5fa7-94ee-1abaeb1f7da0", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19e60324-0d31-5b67-aca6-cbf3c8fcdd14", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c428267-46b1-5e3d-bb66-5887598dc014", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed7a5da2-218b-548c-9fca-402af3d21cb6", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3eee179c-a548-5290-b90e-d84f28eac888", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.1 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.1" } ] }