{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1eccfe68-9549-5871-8796-2416d409ff49", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-dbcp", "version": "9.0.50-tuxcare.8", "purl": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3b317075-0ae2-5c1e-ae34-f73b837ee5d4", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:06fa27e8-32ff-5523-b7e5-3c3b1c222c6a", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:d85a1017-da82-5990-b9d2-d746a2b11283", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0d72a329-52e9-5a83-96d9-ee85295ce9de", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:307ad00d-eb70-5aad-90bb-eb0c95f653ba", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6e3a5d23-ca63-5b95-9557-a4201f4082b4", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:983ec3b9-d50a-500c-8146-d3cb7de1aaab", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:08eae70a-545d-5a78-aa19-5665bedd0ee4", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:14ec4d0d-da17-5029-9d8d-7720e83f5732", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:cd555d5d-f429-579b-aa12-a8fd7fa0622f", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c544f8ad-2661-5931-ab09-2957546b26cc", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:628fd2a0-f21c-51ae-a634-72307789bca6", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e50e25b9-b735-5b9a-95ff-4c2723469f12", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:5de90659-5ac9-57bf-b7ce-8fe12304bcf9", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:1ddf47a0-b954-5559-b32c-904ce5b1a36f", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c74679dc-fb32-5b28-8e35-85c54bac22d2", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:3472a6b6-7479-5f6c-9974-6dbe9977ca97", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:b3f2c5e8-98ca-5069-b223-d83d55aa1fae", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:7d64e87f-0df1-586c-be03-8521efabd741", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:8d1a54b9-0972-55ee-823c-f24f3fa5deb8", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:79477f1c-e55c-56c8-899a-a42a928a49b2", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:2deb49d9-f115-5d46-a9e2-37c94d2dbd68", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6fc4b841-77ca-5308-85c7-16191cc88632", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0f566a8d-cc95-5fc9-bc5d-232a1dba9235", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:390ad605-3605-5519-b6ad-d179aedfd472", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:99b0b0a2-5e1b-50fb-a57d-56f6dad81882", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:94191bbf-cd4c-5a81-b74b-ce1579e2171e", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c97cc57b-b049-56d5-bf1c-1478bc3f24c0", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:89d783e3-ed24-506e-8b6c-1c2f5cf50519", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:72d86685-6e80-56e6-9c15-4d2e29b7108f", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:37071f20-876f-58ad-83a2-18d335e65bc8", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:7f62ab98-03ff-5799-894a-f4dde87a142f", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:5b786193-62bf-59bb-95f6-3161691c8f2a", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6d8b6418-7c93-5bbd-a1f9-4536df865265", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:cebec7e0-4937-523e-8d28-9ee8c366d218", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f03dd77f-beca-5d59-b4a6-851a943394db", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:2ed21b1c-529d-5e6d-97bc-54d67ba3596a", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f1a4ed2b-4ad6-5fbf-ac4c-698fe0e5272b", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:66edf3f5-c679-5415-a57a-deca861b444a", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:51f29609-d168-594a-acd9-e670db1cf525", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:b6b916c3-8186-5ec4-b1bb-4da71f8961ff", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:87344bab-0748-58df-8508-b68adebac4dc", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:52df7e4f-b50f-5884-bcc0-9b23c3dc1f1a", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f5adf29f-4f0a-57bd-871e-7554a75f9d68", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:4f3e2884-14e9-5e67-bd15-56ebf8eff3c9", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:5b96d674-9209-50de-bcf0-5a1ca0a96466", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:255ed57a-8c4e-57df-af61-e9d60b8ecef8", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:ceeacdd7-6d90-556a-9beb-e9ace4a4deff", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:7689db94-2520-5d8a-8d8c-dbf6b982d441", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:36234ee1-faa9-51d8-9731-e4d5bf06b051", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.8 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.50-tuxcare.8" } ] }