{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:98015628-4233-596c-92b1-fd10ddeb2da7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-ssi", "version": "10.1.18-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7b77cd0e-454a-554c-8f84-33e73ec53489", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d7005c0a-634b-508c-9f63-bec2ad12bc54", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d53a5f5f-94db-52bc-b070-13754c11116e", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:98205753-d0dd-5a62-97c1-75f6ce8bc7b9", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:245c5a60-8249-509a-81d1-58ca45cb6766", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eef234d6-2b30-5af2-820b-c59f4558cfad", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f35c11e-d001-531a-b802-1969912593e8", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:562282df-c7ba-5eaa-8355-e883d6b72644", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ecc2ac28-69ff-5460-bbdb-413bff58126a", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d270b489-6727-5575-b323-2aed2c50cebb", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3830f889-947d-5d83-aa0f-4409cd1adc5a", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b286e553-cea8-5bec-972f-1735130c88a1", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2cdae03f-dfae-533e-a4a2-470c90237b1f", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4df9d576-a040-5ec3-98ed-48a4c1a7220f", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a9ded59-329f-5aa5-b666-f7f4ac418b69", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ca1f4d8-62dd-5099-bc11-be2ed1374596", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0d812c1-dc8c-5f55-a6c1-cc0917855a0c", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b1b8c51a-d078-562f-a3dc-d83b3c6cfc7d", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:237d1be3-d29e-56a6-92a9-0f89012ee542", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be688cec-e00a-5c3c-a165-f3d4b22b3eab", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b94b33b-f908-5eb6-9ef2-8d4919b1ec0a", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:def03837-48db-5982-b611-ea010afa028c", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f051fd5c-2d70-5876-b6f5-fbac644c3a5e", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:87b2a49b-4226-5b90-bd38-91d396ba917a", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf066552-7cd0-5823-862b-2bd7652599a6", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4330100c-03bb-58ee-8eb8-bef73c147921", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:99e8e931-ede7-53c8-b758-f9e7940eafea", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac242053-b294-5fb5-b816-2767a5edeb5f", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4bbe19da-18e6-5cf8-86e7-a617ea32aba5", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:459b2a76-d279-5be3-b07b-3e1e59e74cc2", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5dc0853d-bdc7-5635-992a-63617558d42f", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9944a1ab-0ffd-5d4b-a241-2b36c0bb9341", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.3" } ] }