{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:af4ee479-2a58-5b24-b729-643713d59fa5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-dbcp", "version": "9.0.100-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:57e84112-f966-583b-8ca1-9ae982291067", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8dd63034-0d05-5147-a40c-7fcd4e4fce72", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7191673-5033-52ee-8e99-cc89521fa80c", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a31a0e3e-17e2-57b7-8b67-f63a4778dcb0", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c91a1696-87ee-5b94-9ab6-b87032f35ee8", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4364cee8-f68a-599d-a6d7-4ec735c5305b", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd4898fe-a10c-5bd4-a191-0d67747d3704", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ab6617bd-40b2-56ea-9524-553b5223a4b2", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ae166f4-d86b-5c37-8804-f9293817c0e3", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:551bfe21-ad6b-54ef-b8f3-25e39bae66e7", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1afab13a-995a-50ab-ba10-0afc0db5ce1c", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:61e88f54-294f-5b32-a654-2e041564ba44", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c00875e-6e9f-5829-86a4-e1959eb978e1", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:617be342-75d6-5485-8292-b84c40d2c2b0", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e1c617b-f25b-510b-8f34-e09341a70cef", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d952cda8-948a-5105-825c-fc9ac383f449", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:217fe761-d2c8-5546-980b-058ec5a605d8", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:85f63c35-ad3d-5fa1-b463-9171941007cc", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:46dcd096-51dc-55c4-a6c3-477d000bce4e", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4dc591c-1f70-5c0a-a45c-42dca11de51a", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b828281d-2e8b-5fef-ab91-6177e888e566", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e71aa29c-979a-5331-8a80-3c28709f9ffd", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6fed594e-cf74-5307-84b2-03b36320a4df", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e51aeef-39a3-534a-8620-4e5beee72ec0", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0aa484e7-910b-55f0-8a2e-57e905e686a0", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6e529fa5-2bf7-5190-bd32-27e8e2626faa", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c15c54c1-2d8b-5d2d-83b5-82526d8d3071", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d61a1e07-f628-580d-9f95-da6240fe599e", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:966ffbf6-1a3d-576b-b54e-6442356606c8", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7071d333-53ea-562f-ae2e-c98928de30ee", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4290f629-c276-5ef6-bff1-b6556fa8d74b", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1543de04-dd88-5b17-8376-3b0309442167", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4f4bfcfb-9e29-58b9-924e-a4dd70f1b731", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0f2f445f-8d8d-58fb-a749-6920115deb80", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a94c1a23-9e8c-52ef-97af-236194d5621f", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5f07a009-47ee-5f73-88b4-44d6eb775ac9", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.100-tuxcare.3" } ] }