{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e72ed842-ac63-516d-b796-31f7b172adb6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-dbcp", "version": "9.0.87-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cd9fa04d-69a1-532d-b98b-c6b697579cd2", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:85f52211-aa18-58fd-bccf-3725c735c652", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:47d05161-0bb4-5205-b155-844976d213a5", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d5f0f470-7d18-59dd-8302-36c814d4d515", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f6546f3a-e932-5809-b3d8-9587d4566d63", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:39afe7ee-a385-5ab1-9089-b4f8a127ab71", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:91c44a6d-1f27-5720-a9fb-aebbd916eefd", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4befc6a9-06c5-5ff3-b574-ae0b20d9b573", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:16aceb9b-5d4c-5ca1-b189-a18091d44cb9", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e64301e6-c0ad-543c-9325-4fc5e6bb1498", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:08a85f1a-5b75-5d1d-a121-70f62cc6c905", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3fffba9b-55f0-52e9-bb9d-4640dd280f0f", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6ac524eb-2806-5740-9f3a-9183983cf002", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a3dc4786-225f-5e00-872d-44b0d18df2ff", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:059f3dea-641e-56a1-9a7c-26980f700f22", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:54df1374-03ad-5d31-984c-e6ff74fb297c", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9595fd60-a168-59d4-9b6c-2a462a4bb6e2", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e26eb09e-129c-5e86-a1ce-1ecbf20cd323", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b55caa4f-a8d0-5be9-9add-fbf3c1a67fc4", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:03e18ed8-099b-53a7-bfaa-6ad6eae3ff8a", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ed49399c-001d-5de8-bdd6-3a4aef4e6333", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:98ae4e92-fc3d-53af-ae43-66510b56c620", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a9e8d75f-83b9-5174-829c-997803f3a149", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:18363ada-0c13-5864-aeb3-8e27cdef2a2c", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ad3f675e-a7cd-5753-a6e0-73edccebeeab", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fb6bf719-f96e-5e92-b935-efb3c36e3cbd", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:31c39dcc-5662-5290-aaab-c130276aecd4", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a2fb76db-6cc4-51b1-b290-5533c6d1daf2", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6edda359-4a84-595c-b467-0aa5b1a806dd", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:24c44e22-44e8-5052-a85f-525f116bae7e", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ed810585-b03a-5803-89c7-cb47292a2ffc", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5e057607-c208-5307-994a-dee01d322b43", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d5daaf92-56df-5cd6-8339-451bbcb778bd", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5c7d0723-bd2e-5aec-8fe8-b4346abc296e", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b74dfa85-f7b7-56f8-9009-3a2ac7b77a1b", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:83c3e18c-7861-585f-b91a-bc3095a4fb53", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:47b051a4-881f-517b-aec7-1c490b004395", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:82ba67e1-73e2-54a7-b4d9-1ba20a0d0fbc", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:45cdfefc-708d-5026-b120-7aefd9b4f036", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b8399c3c-071a-5d71-bb73-eabce786d019", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:383923aa-569a-5259-9015-e45e2d4507a1", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:78f470a2-85f9-596e-b81d-5cba92103587", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.6 of org.apache.tomcat:tomcat-dbcp." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-dbcp@9.0.87-tuxcare.6" } ] }