{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2e372be8-593b-5cdf-a01a-40d6b9dcba0b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-dbcp", "version": "9.0.50-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0fd71d7c-ba2d-55b7-8818-f5e67bd02928", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bfbd2486-b1e0-585f-9389-8e10469358c4", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:759256e8-9844-5be1-9e24-8a0e506fa611", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b1625551-a0cb-59cb-8671-2f919cc903c6", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cef367cc-dc24-5800-a3b8-a4cbc3be105b", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ea06d85c-c9aa-5452-91f2-0a1a58745a97", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7d0a3cd9-0d2f-53c3-93e5-f5efab8a9601", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:325a4152-bc1b-5845-a2ba-4458ef277ab9", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0ae5e5cf-d0c7-5ac9-b4f1-fef64ed03963", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:11d48660-b1b9-51b1-a236-65564eb693a6", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9fd767ba-4230-5f3e-a242-8900793361f8", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:43901e52-f409-516e-841f-fa731f470109", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e4e50b7c-1196-58a1-9a5b-b40a9030aa10", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5d423fd8-b84e-5915-b3dc-4c188e474168", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:24790a39-0fed-5752-8ec3-ff7f0cc59b2b", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0d3a9f98-90ff-5fdc-b719-ccf0e3db0ce8", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1ccc1882-660a-56a0-b124-a945196775b9", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d4e8db8e-84f4-5b09-8be3-ddc731a19dd1", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7864c944-fce3-5583-b63c-1ceab2b38459", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b98e024e-a949-532e-9813-662767b37f77", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c42d3f0b-99e6-5fbd-b980-7c27afb38acc", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7847a633-8bf7-5028-847e-39a37fcb96e1", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:eb286206-b8b9-5321-902d-b6dd0a890d61", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d9e3f070-487a-5347-8449-aa4b17217c50", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4fabd83f-1371-576a-8a58-8f7ae2f5559f", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:af010c9a-69d7-5a16-b768-6236dd636cd5", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:22a3fe04-f343-5d8c-9e28-2d9e949878ae", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6d9e42e4-2ab2-53d9-a0b7-a9b94e3a50ce", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:95eb703e-1300-55a9-9d28-aedc9c2995e8", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2810edd8-62bd-5654-b47f-8a86c4f0067e", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d497f7f5-d0c1-5086-b366-59e31e9e1afc", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c00dfa51-33dd-5c9d-8861-91972444fece", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a9830b2c-7866-5376-9723-bf078877d423", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8343cdba-6f16-5483-a820-d9ab58ca5ed1", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1156d76b-90ab-5ee0-9f2a-aaf4348fc754", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8c75886d-5dc9-5f83-a74d-101d33157c4d", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c8d7828c-0e16-56d5-a102-bcb601e0fd35", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9b9745d8-6349-5004-9835-635d571e4de4", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c6045017-d102-5bd5-8e0d-4323014b0e12", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ee168285-24f2-5f10-9529-96ebc4433814", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4d4940bc-e600-5529-9240-fec4beb1cfe7", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:59378156-f999-5abd-8ed1-076690dbd118", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3ceaa2cf-aa6e-59cb-9ebf-fd6e323e9a37", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1bb8f64e-b5fd-55ff-8514-c6ce8f5cc495", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:03dd884b-6767-5f84-9fcf-17b970bcb596", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a19e603d-c464-592d-99a4-8bab5726004f", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:09b7b417-8be1-5da7-bbae-868c171b2c09", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ebe8c2a9-be8e-57e3-9a62-33869a5289ee", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:77660955-5aa1-5ddb-bdb8-d0aeab8f7675", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0b1e3da1-a992-556f-ad85-7a951ef74a69", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.6" } ] }