{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fb7c7e56-552b-5a71-90b2-cbb94eaa3569", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-jdbc", "version": "7.0.109-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:deec6371-2420-56f0-82a4-34156228e936", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e5a93df-395f-5328-8e41-53b0045ebaa9", "id": "CVE-2015-5174", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5174 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c71c0136-b8c6-5a3c-948e-88cbaece57c9", "id": "CVE-2015-5346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5346 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94cef9dc-e96b-515d-99dc-e0af39a7a031", "id": "CVE-2016-0706", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0706 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05fdd381-0f79-58d3-8cf2-323615eefcb6", "id": "CVE-2016-0762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0762 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a8b89a4-a890-53c2-b270-3b2cf13e504b", "id": "CVE-2016-0763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0763 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9644f6a-b5b9-51c6-a9f8-f497f4caf5c9", "id": "CVE-2016-5018", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5018 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2342e57-8c15-5367-a78e-f37b38d96308", "id": "CVE-2016-6794", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6794 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75e92da9-92b0-5a5d-b8d2-3f85c373684e", "id": "CVE-2016-6796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6796 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da5f9c31-8de5-556a-a384-c4035d4e3040", "id": "CVE-2016-6797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6797 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6feded88-3d55-55a2-91e2-5b42190d49b4", "id": "CVE-2016-6816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6816 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6582f5e6-b1b5-573d-ac72-5e8cfb973b12", "id": "CVE-2016-6817", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6817 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6535bac5-0408-5bb5-80f3-2ecf26c39019", "id": "CVE-2016-8745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8745 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:752102d0-16b8-5c9d-8bba-ec49c956f104", "id": "CVE-2016-8747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8747 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5be44f47-e412-5b07-9124-ba2c69759520", "id": "CVE-2017-12617", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12617 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b67db6a-26aa-5a4e-b080-ce74b2051dc2", "id": "CVE-2017-5647", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5647 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1a91c8d-7d1e-5eb0-8ff7-44e5ac15f3c9", "id": "CVE-2017-5648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5648 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5953ce35-102b-548e-b6cb-e7db4c75abbd", "id": "CVE-2017-5650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5650 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f7ef38f-f944-55ed-981b-634b56bc7352", "id": "CVE-2017-5651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5651 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42a2fee5-18cf-52b6-b931-eea321e6e76b", "id": "CVE-2017-5664", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5664 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:daf4f54e-6f7d-5f0b-b56a-4bbd2832649e", "id": "CVE-2017-7674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7674 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:629a0e8b-8b4c-5594-9107-9e30cc1c2121", "id": "CVE-2017-7675", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7675 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:227bdb0a-5caa-5fe1-902a-e4bc0f174b35", "id": "CVE-2018-1304", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1304 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4bcb59e3-a206-530f-90b5-01976249081e", "id": "CVE-2018-1305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1305 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0daa163c-2a1c-59ea-afd3-cb89d689d31e", "id": "CVE-2018-1336", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1336 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9ae96db-f7e0-5fa8-9d64-138a8270f647", "id": "CVE-2018-8014", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8014 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad8dd92e-95e4-582c-896a-6ce363cda236", "id": "CVE-2018-8034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8034 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e1d1ad2-3e33-5284-95a9-f05a17f2b623", "id": "CVE-2019-12418", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-12418 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da302dd5-561e-56b2-8757-56ba90635031", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2282fe0a-d838-528a-83c1-9537d7076adf", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98fe25f8-88a7-5a80-9910-a93983799761", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46ad6bfb-b16b-56e4-8a3f-363655e4ca7d", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5caa7583-f013-5886-a176-c1ec9bb6474f", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc037fde-0703-5c92-bfa9-e246907fc5ef", "id": "CVE-2021-30639", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-30639 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81198d2e-5b92-5b28-b880-30632dd116a5", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c3e7f8a-347e-5e28-aa83-fb7f80a52ce0", "id": "CVE-2022-23181", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23181 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c392018a-d376-5ac3-805a-776ba4865080", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef1bc0d1-4db3-530b-a763-58414dc66b9d", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe714ccb-304f-5c51-bc56-8073b4ec3ab8", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37f78edc-40e2-5b17-95fe-a86ca3e3a289", "id": "CVE-2024-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38286 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2afe1a5-1052-55df-94e1-a81baaa35942", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:080b8af0-b498-5081-b764-476f41b80621", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5cb8bfc4-26fc-57f2-adfc-0e5e4829e377", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30ebcad6-7a76-5cc1-8ee7-8fc6c91b22e6", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24916009-a53b-5869-bb7b-f27922cad624", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fefc56cb-157d-5675-85a5-bd0e472e5d35", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2886cb17-a427-5655-b22e-accaddbd0cfb", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e2ef88f-23d7-5f17-9560-7549a2edb48a", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ebb009a5-bcf3-5084-b251-9c44a6802f12", "id": "CVE-2026-29145", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-29145 does not affect version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc. The official CVE record (https://www.cve.org/CVERecord?id=CVE-2026-29145) limits the affected versions to Apache Tomcat 9.0.13\u20139.0.115, 10.1.0-M7\u201310.1.52, and 11.0.0-M1\u201311.0.18. Version 7.0.109 is not within any of these ranges" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cafb34d1-6db4-5732-a29d-818b3045dc34", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2afc6202-a4e5-536b-b3ae-7092b8583092", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-jdbc@7.0.109-tuxcare.1" } ] }