{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:039aaf0e-ed8d-50e9-80e7-dd1feb8cc88a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jdbc", "version": "9.0.87-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:21c2d6bc-adec-5500-8f44-d3fa8a0308a3", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8f60f6d-fa0e-588a-8f07-aab9e5bc87f5", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32adeaab-a88f-58ee-893c-dbc8c765f4db", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef91491e-b6e6-5450-8a5b-01a21f770899", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba396374-2146-504a-8c43-5256d72adffd", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b38fe4e-65d5-5ba0-b58a-1d44cfa22625", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ae76844-7bca-56b0-8a6e-81ac6750fce4", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:912caf45-e47b-51e0-810e-0ec7842ed6f2", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b8b945e-60bf-5a43-91d0-f9ed008e77f8", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f5282897-d229-5572-9d4c-538b4c52c7a4", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6760f14d-fa1b-5a73-b4a9-e9d29305efe3", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:352a994a-f2a6-5465-9964-3a096bbae0af", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25f995d4-e767-54c4-afc6-b479c093a445", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5663d37-cecc-5eac-a3b9-4dba73c78f40", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53388a14-cf5b-54d2-9c50-66ffc529261d", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6be5be25-3aa5-5345-83f1-64d854e38588", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0641abee-aec7-5b4c-8b24-81c1f7705f79", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98ed9f16-5d34-5676-9e5b-3cac18b5e087", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:891b9c1d-fa6a-5bbb-ae1d-2944fdc5653a", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a83f457a-fc00-5985-9b48-dba0b3d814ca", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95805237-62ae-5e2d-b8b2-6d233aa2333e", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ddbbd07-26c9-5a67-beb6-2e51d59722ee", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f206a62c-1fa3-5111-974b-598520439d58", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:736db939-f94b-52de-964a-60a1d95eefa3", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:429d9df9-8a66-562f-9e01-bd42dab49fd2", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23611872-6b5d-5561-ad2a-6a33c1b06eaa", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fdf5398e-4a7b-52b1-bbd0-acb4620cebb9", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04517632-45d2-5f00-b826-5616eb105046", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b1db37c-c032-575d-b228-cd91ccb3603c", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f44d9ae2-f2e3-5dd9-a217-ed4c91f85e80", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3700f824-7830-55de-a3c2-065cd3540cc6", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87930374-4f1c-526a-ae37-d699a3ef39e9", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f772bd33-3926-5a4f-a26d-63c701c9ed72", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c11266b-a224-5a8d-9f11-bd6f9a8fb051", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59963ac5-2595-5855-ae81-7cc119b14885", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:03af2ff9-ed2b-5fac-8dc1-089519bf4408", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd1325e3-e56f-5b9b-b1e4-12436f906ffa", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:532466da-0f1c-5ad0-b5e5-f555a1c4ae7d", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b087895-e810-57b5-b3d4-5403e37e1968", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec60b593-4da3-573d-87e7-310934aebbd9", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:148b8f2c-ecb6-57f7-9843-480c1252cde4", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.2" } ] }