{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eb9f664c-8c0c-5706-b4b0-31681fec3986", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-dbcp", "version": "9.0.46-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fa9fce50-a787-57a7-9678-61022e0da7a3", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c4d0ce3d-5d26-50e6-8be6-612124209170", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:14527916-c998-57dc-ae66-72612bde5df9", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5196e6cc-783e-5f53-b245-35c9a6325458", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe86d440-4cbf-5dd6-b90c-d4f9ce608aba", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3baabfaa-1262-5642-8588-30e6cd42e029", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:adc3aad2-7d10-55c4-aebd-6fefbff9a330", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:21131261-4489-5d31-a8f1-6b0c3092e3b9", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9974e3c9-c05c-5af7-acc5-1c4fce50f097", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d38a680d-e0d4-58e2-a6a6-b16220523e53", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25bf9044-69db-582c-a18f-384e3114ec02", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:49f8d0ad-28a1-5e5c-8595-49dcc807a0dd", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3f2269b-5bf4-547d-8fe6-78a8c476b5f1", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:464138de-317a-5882-9f2a-67fed9b24956", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b180322-cf19-5096-a93a-0aae3f158b42", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:59de689a-82dc-552e-8538-350ce01cc42a", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5530b405-e07f-520c-a948-eaf81c605576", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cca6fc00-35c7-5550-aa98-3e0e11aa2275", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c1c3289a-6fb3-5641-92ef-90de38348ed4", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:35698a21-989a-5734-ad8b-219e38b31d96", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:68b98e4e-20d4-5d3d-8cab-9108099af4a6", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8306f6fe-91de-5a23-aff8-1396c993b369", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43e2afa3-ad5f-540a-8112-29df6206e362", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52dd8e13-ccd1-564d-9af5-67ed3ed88c8b", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0911744-93ec-5a04-8072-959d73979194", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:877db1f2-e2c8-54e3-9828-a699f83492c0", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:48b25024-8cfa-5a3c-80c0-188ab4d6578a", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e905bbc9-6c76-55e3-8c2f-ada6181d0a34", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f69f0af9-df1d-5d77-97bd-416af92a6af0", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a4c55b77-c97b-5b49-b0cb-0890d7b1def1", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3ddbc0c0-d4ff-59c7-bb32-9f053d0d308e", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9845e9ef-862d-5344-a33d-8cd130d866e2", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:086b3dcb-2f0d-5531-a6f3-fde4a919c7c2", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80032a6e-e986-5c91-a216-a1a188977dfb", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:186ca863-2dc0-59f3-b5c2-cd4914bcee14", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2407daca-7e94-50b8-93f0-ab573f3ec5d9", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a32c79e1-3609-5556-94c0-f7e7f4cb452a", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:47444e99-f724-5ebe-9750-244c05c90058", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2f93f799-5d69-529c-a19f-c004e4e8ef05", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5fc66c27-7863-5365-998d-90650899c49d", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf7a0761-da2f-5c5d-bb27-cad79738f77b", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:14e4b84e-a5b9-51f3-baab-2bc4f7554a93", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dee36dea-0e8a-51e3-9e8c-dd6791443d2e", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f1ce646a-3b7d-5abb-8692-553ef160fd6a", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5506ff69-3218-5efc-aa66-00c8af85f6a2", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d83d9d3-740b-501e-be1a-0b6da5f6ac66", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b274202-da85-58a3-85a8-65cf17036110", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a2933dc8-82b0-5cef-9c94-871e12e65bf9", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dc45bf3f-354e-5351-8225-0d5df7844564", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f2900b6d-6b88-5936-abae-0607e133cfbb", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a9113080-71d1-566b-bde7-9a84cce448ea", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.3 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.46-tuxcare.3" } ] }