{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:76b401cc-0a23-5bd7-913a-64499a15a359", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jdbc", "version": "9.0.75-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d286a893-42bd-5a0a-b776-7d8a71dfde99", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19f3373d-5f8b-53eb-91c0-26b13a52cf3e", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee07dd2f-3fe4-5e2d-a9b6-250971816ef3", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c58711ef-50ee-5057-b27f-2dbe728b4aef", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29447ff7-b143-5dc1-beb8-faf65fddb27c", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e98dc807-12fe-50b2-99fc-413c719f0399", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfc34413-e40f-5d66-b5af-19e4bfe8217f", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2aab350-c5c2-5371-bfe7-7e091b4a5037", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd128849-63b5-57ac-8817-029c5b71cf3c", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f02b0a10-0b96-54cb-8834-af18cfb821c9", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9d70c83-a481-567d-9b81-4bfcfafbfe83", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4fc00699-cd8d-5576-bb22-424b5c0c1fbe", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1404f1c4-0fde-54d7-a93c-a84d6d29bfcc", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:efe3b551-aee4-59a2-bcc8-05a59e39f4c2", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1e62179-ce76-565d-b94a-8c8057d69f0b", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d710c224-5ee5-5151-a5a3-2af202705085", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7bfbe102-e2f6-50c8-ae47-b6e6f622dcea", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:990b9248-fa50-5e58-af2f-9c04d49549ce", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94ad8906-d436-5161-91a8-54eeb5f4ac85", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc2dbca7-6c23-55c0-be25-c6e4a01132f6", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05acf13d-bea5-5525-872e-acbce5fdeb57", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61dcbaa0-eaaf-56dd-907f-91b0a6406fdc", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:178278f7-b038-51c8-90c8-f93bdf6aacbc", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2fd50ed2-4e05-5fe1-b8a6-6e336f32e403", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9763ac83-d884-5360-aef9-bd807b8eadb6", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed8ba810-0376-5613-b11f-5d8c0f5f1bd2", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60637109-2a73-507d-b43b-938355ffd1b4", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8456e37-3553-5350-95e1-9cef93494068", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e452d5c7-279e-5a3a-aada-f39d4a720f46", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:869f776c-28bc-53ca-a4a6-3e49b4c83062", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a619334f-8227-5a81-bf19-47ced24b9a60", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0251db2e-2ab9-551c-b4a9-bb99592f8982", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc008162-a788-5fb4-8c65-a7a1ad74faeb", "id": "CVE-2025-53506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-53506 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:710e5a5b-e585-54cb-887f-7fc11dff2f27", "id": "CVE-2025-55668", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55668 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61d1964e-d8bb-5fb6-adea-da7ff0e39580", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27cfc154-df17-5532-bc7b-ac63cc7e8ce5", "id": "CVE-2025-55754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55754 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49e68923-0305-5c8c-ae1c-05181b968e99", "id": "CVE-2025-61795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-61795 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d138dcf1-71b6-5ecb-9f51-7a9dd1e7318f", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:314fd3d2-92f7-5780-808b-71b5c3d263bc", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5b05259-6392-542f-a6cb-cc91c23162e8", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0768155-117d-52a9-bc73-caf84790df5f", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35b78596-d88f-56ed-aa82-933e022286c0", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:09b90e83-89c2-5653-97f0-cca8d45cff9c", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31d38b47-a5ed-5dc8-8331-7b408a0f25bf", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7f95f12-6ea5-501d-89b5-3d3ae4b95152", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.75-tuxcare.1" } ] }