{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bd21f156-e555-57f2-beaf-a06e608ad7e9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jdbc", "version": "9.0.50-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2de1040d-4f97-5ad0-bd1d-6c61df49154f", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b572861-1638-5396-8f72-da089580d0aa", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d8faf32-9ef8-5d5e-9305-dd500134def5", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c594661-49f1-557f-912e-68ae5bd9078a", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e5f21df-43df-5184-a7bf-cc60a5edce26", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c5e1475-0a9e-5ebf-ac4a-e6f874feceb9", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7068649f-2cc5-5db3-9b09-1c8a76873dec", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1a16422-a806-5f36-b637-b9ed4f1f811a", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b7815d4-f03f-5de5-81e7-213730597d51", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e672c464-eb9d-5dd9-bae4-281bebc80f8a", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd387d7c-8c8a-5bdb-8dea-6effcff27d38", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5790e1c8-9ca0-51d5-bd7e-97d0d4b4587f", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c69d90b4-13dc-5ac1-a20f-0e6453289eec", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d776bdc8-187b-5a15-a80d-978a59fe7295", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38886fc0-b60e-5de2-95e0-34640b0725ab", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e101ee9b-ef96-5056-89b1-a0d6896e2e9e", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:778035ee-821c-54af-ae6e-49fa9611b948", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0f30e5d-4417-59cb-a97b-76e5d77e4c6b", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:357f1aa6-0efb-5512-bf3f-fa018802020e", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:379d27f5-dcd8-5002-8954-93e8c3d39d21", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67e5482b-afb7-5bd1-8705-7f3c049d5cb2", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3a125c9-3fb9-50b7-8350-5f1af478196c", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04f65179-66e9-52af-b887-404b62df3ec1", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf4e8e57-0eb0-5dd7-a29c-ebe81e9f343b", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60fa23ce-f441-5e05-a3bc-4a9cdb4b3a59", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d140b06e-c596-5ca2-9bf8-06728ab03d1f", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ccca8a99-458b-5c7f-bc65-8bba911ab5f3", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:037c306e-c990-51ab-816c-c6454bf55c6a", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5fc8106-9a59-5bda-b0aa-3a8ea807d944", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c0e34b4-d142-52ee-a975-f12fa8734671", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:823ac8e8-1c92-51b3-b4cd-81cf383592ef", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc6efd9b-3fca-5eac-a04f-87fee2faf070", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0706e416-83c4-5265-8aa5-3ab3dfcafff3", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:70282c9f-6bb9-5a16-a7a8-b6c8be46e272", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc07a6a4-535d-54fb-b2a9-db4c4b6b4832", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f37bb7e-6054-5a92-a10a-abe1d950d328", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c517a02-16aa-540b-9215-c756dc35b2dd", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16994855-ce95-5044-ad0e-d0acd2ffe81d", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b12488c0-d556-5a92-a4c7-eafbacfa31c2", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:99b9b50f-5077-5eb5-9aad-d1fec7db98fb", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bcf5f2c4-00d0-5819-abdb-689b954112f9", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7804f6d9-0c21-5e55-9fa3-bc7ae9ee20de", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a7c33cd-6e26-5d25-91c6-b94bae83471d", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a52ee8c-9215-55e4-adb0-59fe6cab9deb", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36944583-417e-5ba8-9c15-ae75f5711a01", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7cab61c2-5aa0-502e-9893-c12ee2e0e541", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9823c05-54ef-5bad-8356-ec2e8b12278b", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51790570-ee3e-508f-bbdb-f93e02e74544", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4995a849-2bdf-5080-8d3e-2b793a19bc24", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37a3ea3b-6388-55ed-b18c-d22259d6df6a", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.50-tuxcare.2" } ] }