{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1985270d-fa2d-59c0-ac47-0d38ebebfa51", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jdbc", "version": "9.0.100-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:400946dc-1c17-5fe1-99c3-249a5b7a16ae", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:54017b4f-5ae4-55ef-995d-a4b4e2386110", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2765e001-0349-5284-aa87-f6658fdd881b", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:485e32a3-0d67-5b22-9dcb-41b5a2a2c076", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:25db967f-dfcf-5d2c-8895-7502f61b7f1d", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:474b8266-351c-5cd9-9b14-ebe4cdcecd1f", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:844b6b25-e6aa-5c84-9d6c-6a4168c9f8c7", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bf0ead1c-d0f6-5b07-8dce-b2f1741c7a4d", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8fdfb93c-7d18-5491-a5b2-eedca4e3a63d", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:56746af8-6996-577b-980f-9825827952f0", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e8596b74-e06a-5f41-a3fc-a2cdaa23d29f", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:63b1d75e-50c7-550e-9697-d710db5ef624", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:988a921c-344b-5ebb-8885-96c8b541ed96", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df68f404-86f0-578a-a492-80591219496f", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6ef56334-c8c4-5514-8cc5-1b78ab36f223", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:db4fc88e-06a4-5ca1-82cd-76178cb38630", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af3b0492-4b87-5870-b37a-eb510e2c5432", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:07f58212-1c7f-5dab-82dd-450fce8bf1a8", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:77ec8a71-80b7-5e6a-9042-8ce113e65220", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b2f6e974-eb4e-53fa-8954-3587db22ba57", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:705e2028-afe2-5f4d-9164-831866d5fbeb", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8d869d44-289b-5cc6-9c88-ababd178b6e5", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fcf01654-6fe3-5fb8-9566-a01528ed2990", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d636d474-c3d0-50d2-9b7f-0ea88771395f", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e960c673-8917-50e5-9949-637233e31850", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:da0dfa85-5231-5cbd-ab59-65d636c9c15a", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:71e90549-f39d-58a4-a02e-55c052b5f9c7", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5ff7fa30-d073-52cb-9819-241ffc1751a2", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:77ff99f8-879b-5c82-81c2-9dfd167a6d87", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c788303b-7264-521c-a67e-7d1aaeb6b629", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2213f20b-b130-5a94-875d-ada4932bc5cb", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:76c6506a-8907-5a3c-a62a-cc336b81b754", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:570a6e94-18af-5aaa-9eac-091822783638", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9a7202d7-170c-5795-bfed-3ab8e51c3a24", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a5c51af3-039b-5cd1-ae02-bfbb7338f1e7", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c34c3a60-d3a9-5d15-96c3-b289b1beb49d", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d8cb6d9c-da14-5585-aec6-a9c0c49e7cea", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.100-tuxcare.5" } ] }