{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:275dcfda-e53c-568a-8501-8391af0f0b81", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jdbc", "version": "9.0.46-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:35aff19d-b02c-54b4-a0d0-925e6ff224ab", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae77dd70-b76b-5818-978a-850c8a811bef", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43cbd722-ce88-55a4-8e2b-2ad2f5cc0d26", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68ed1fbd-c447-5ca6-bceb-c8941bc551d5", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:512f5992-110d-5004-9a9a-f0f1cc468c32", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78bff795-9a6b-50ae-b553-5749486de0d9", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f5b49e1-18e8-5f15-83f1-3d76e0931970", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79c2a869-d814-5ee0-92f4-f0015d112515", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46c787eb-e14c-5c9b-857f-b3c59e48abdc", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8a0c32e-cbdb-58a1-a236-b9583364de7f", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed027837-4669-5158-87e6-d2d9e283f4e1", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5dc478ee-e731-54e9-a94e-0932192d1668", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e95407c-ba35-504f-afe3-06bb2352eaa9", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c265b9a5-caac-5af4-abce-e396b99aedd2", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf439328-082b-55f4-84e5-3cca1ef8bf71", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8b369c8-1599-5b09-b55d-31a78757fded", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea55a37b-acbd-5f1a-b64a-02a42c22beb8", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b28a3fd-4593-5e44-9469-8569632f8360", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ced9955d-995a-5473-82b2-5dc0a5d02fdf", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:420c307e-17db-50cc-abd2-343aa8cf857b", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:099cc751-d78a-5670-a91d-ce0f9cac916b", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:445407a3-b40a-5b8a-a497-a37e081a0491", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0bb6892c-aa40-59df-8370-8d06c0dbdfe9", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39e2b51a-42e6-5df3-9743-302724206d2d", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca07f3eb-d4a0-5058-9dcd-ae4aacb2008e", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4cd0a5e6-e538-52be-aa79-9443bd36721d", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8803fe6-b12d-567f-ad97-9e6ef095c68d", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3477b353-7ed7-5acd-b438-b7f752a0793e", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c10f8f9a-ce6a-527c-add9-d7561538c2f3", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a234bf5a-4c9c-5a6b-a28a-ea8e13f66ad9", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34b5e0a0-6678-5e69-abf9-0dd20622c94b", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8de5109a-398c-521a-bc8e-db60dd19b683", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6ddccdf-d3f0-5138-9a42-e038148c77b1", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:414dd3c9-a67f-54ac-8500-588e8e4be564", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9c6290b-bda1-5b38-bbd2-c6137e6613f0", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ce8302b-3ef3-5c23-80c4-d648312af3da", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40a8f231-308f-5478-8258-c432a0616c2a", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25017a36-1179-5c52-9fa0-aa2f2a66b7fa", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7812805b-e2a1-57a2-923a-99beea7176c1", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a50283d-f1f2-5738-bcdd-b9bd093203e8", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03d811af-103f-53c6-8aaa-294ca1259bdc", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f65e5e65-6663-59c6-9d53-6e3a592ac06c", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a51f913f-44b5-59a6-802c-3c0ebca62201", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca5af621-c691-5081-b09a-a2ac1233353b", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5b9165b-b45c-5467-97eb-646c68d58080", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20a971ec-abcf-51dc-8156-51b680abf3db", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:921ec8a3-3bce-5521-a0de-3edd1e41fb48", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a75bfe2e-b298-56a0-8519-5d6335fac319", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83f0d46c-ce94-554f-87db-4e31fe5b559b", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb349d6d-7cec-54c4-bc78-18adbfafbce5", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:318fac6b-4757-5845-9675-b3345419104c", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.46-tuxcare.1" } ] }