{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9e3f8ba3-c96d-570c-b0fb-ff026b41b611", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-dbcp", "version": "9.0.75-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3f45a716-fbbc-5ddd-8664-bd3f7835c056", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9c660ade-ad99-5f99-baee-f0d68b6047e5", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb536561-f30c-54db-8b36-5a4213443921", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2a70a2f7-2ed5-5fd9-b68f-9bd311039112", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a49f3dfd-c534-560b-993e-77a74e5f148b", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3084790f-3e75-52ca-be5a-b87f23a4ae55", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f27b92bb-d886-59ce-9155-69fb62498e88", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e825ea50-6ffe-5ceb-bbcc-8f8aef651370", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f232ceda-701c-5f2b-a919-c7721d5fe7de", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:577e97c6-d22c-5705-8f04-e9cd92070082", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ec4c9760-5539-5d8f-8b3a-70653cba389d", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:54a999f0-90df-500b-beb9-14b8f340c5a2", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fd96a9ed-f244-5fc5-baff-88c685908fa7", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:41796ae3-7437-53d9-ad55-8d60cd73232f", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:440d8713-de2a-54cb-9d19-18a3de1b6cfc", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f58c292c-808a-5599-9e68-c7a05ae4fa9d", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ba365add-ea56-5250-a505-1c9fd0ee8833", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7fa86863-48e8-5b49-9403-7460165cb7a8", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:00842027-cac7-5d01-bdc5-f9dc22bd53f2", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:960a9dac-af10-5965-9c54-cdae902b70fd", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f024452b-14aa-5e31-88c4-4f9d9e2c1aa4", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:87cb13e0-367b-5ce9-8db4-7b116b59783e", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d8f88968-41ce-530c-9d05-04782c06b801", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:06c292f3-e545-5d3e-8d19-85bd3410b7a6", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af1a9b5d-e953-5025-99dc-c1582a94729a", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:895f780c-6a3c-55b8-bfe9-e39224d042cd", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d3447845-65b0-541e-9be5-1c95019583f0", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:efea08b2-1c9b-5256-b1fe-848e25bffceb", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0309d2c9-fe54-501c-876a-bb0e61b84ce8", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7f2d65cb-0ba2-507d-8ae6-bb960e4dc774", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:547409de-a39a-551b-856a-7e886f963483", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:36bef0dc-6c67-55d4-ac41-b41c1abe8e56", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2188a751-767f-571d-b8ab-7579f409cd1a", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e10146b4-2380-51b2-b847-c6890e2a1d04", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c5b78df8-767f-59fe-90c0-f95052bd0b21", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3ebc35ff-4aa8-52eb-afc6-850567ee5459", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:019996c6-820f-5dd4-8e44-8cfa54dbbcea", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8b1d195b-aee8-57cc-accf-616032aba9d8", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:85dfb9dc-a815-5251-8bfd-77fe018e5b2e", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ee1cfa62-8d94-5d36-a180-ad71c8e7ea9d", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1bd51726-1a3b-5627-8ffd-5de18b2da585", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0f5d8c26-761a-5845-91d4-e5d3b7c54482", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:abd69c66-aa64-5d4a-9349-fddfbe84c406", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:536b26f6-9888-58e7-9a2c-46ead9bcffe1", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1adf841b-2d8d-5bd5-ab27-cb01650845f3", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.75-tuxcare.5" } ] }