{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0e77951a-5c64-5b49-bc84-dbdb0f303445", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jdbc", "version": "9.0.87-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:53bb7169-f529-574d-a6fd-2d7cc090011d", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:13d80254-106d-5122-b7ce-d2dc89cd3c00", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3a4f877a-28b9-5b28-b8d8-fa901de2f6c5", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9d6c7df2-71cb-571e-b40b-97b8b655e45f", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2852930f-5f39-5f91-bb92-88ac49514820", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:39f80c64-d7d0-5e64-a2a4-3afb11b6bdbe", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b3303d41-d6fa-551e-89be-dc459383d0bf", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2244dc78-1d50-5f0d-b3cf-8b1ede24064b", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1d4d111f-4e45-588c-a87b-d2a48a96523a", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:51d4054f-b51e-5c8d-b232-718facaf9c16", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3c77a161-5815-5cd9-8b3f-e6bf0d300657", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7c3e4868-867c-56cb-98d8-089def44f1c0", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:071007c4-b9b5-5c8a-8ebb-2a5f2e59a6b0", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:934d08ae-b12b-5433-a8c1-f2efca8c26a9", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3ecf66ff-32bd-5a56-97fd-ab080532932c", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:12e2edbf-90f8-50ee-bc11-1b02db669266", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ef837c7a-910d-5031-958d-ec6dc3ce5cb3", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ab082030-26ad-5bf0-8156-e9f7fce101ea", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c37b9f5b-1da2-528c-8c4c-3a38048d287c", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9a5b7530-bbbe-50b2-bd62-d93991dc75a3", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:80f68d19-3058-52fd-bac7-a945f5bf05ef", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a89ae1e6-c3e2-57d6-a25e-1f34fb8c06d0", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f1c4e731-18d4-5e13-b18d-0229774176af", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a3b4b534-f9e1-5b3e-b31b-1aeef105240c", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e15b387c-c05a-5c49-9030-589907b20f30", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7a249611-6d90-5448-8124-1dd9b9af76dd", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e0a94c41-50e5-5b8d-9570-951eb9031f81", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:06f80867-4244-5db7-838a-dcf226facf22", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:214422b4-7e7d-5dbf-8561-bc353b63bcce", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cb1dfac9-5b89-5548-b1d2-76dda19737af", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a46ace52-f6dc-58de-9e65-08a6e237a03b", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9385a311-73fb-5168-8b65-34d845951b15", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:beea1382-3695-5f97-906b-42c361867257", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:246401b2-4cb5-5900-aecf-d45c22508f29", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:61da83fb-86a9-5da6-9fae-d5e424e681d1", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:abac5cf9-0df8-5105-93ba-bf8c640ffda4", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5fe8fbcb-3d25-5800-9283-056b31bebdd4", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2d2ba8f5-42f9-55c1-b095-a850c3861b5e", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dd35fc8f-bfbe-57f7-9c0f-e35e9649becc", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:14cc845c-ecfa-5d70-812d-4379982bb72d", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c6437727-681a-5496-9a5b-084a61164ea4", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.5 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.87-tuxcare.5" } ] }