{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d01e3aa5-081f-5ba0-8461-923282ce7d88", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-ssi", "version": "9.0.100-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:63be484a-71d5-5621-8e19-f9d792ce84d2", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:09502482-b30f-55ea-8070-c3871f0d8d97", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d9706bf-07f6-5a47-85b3-784bdc2e0f5a", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f78e08e-0190-548b-b963-3400dfe141fc", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:af67b9ef-95a9-5143-b4cc-c7d89142fd34", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:285c7150-1b39-5fc6-9ca8-f2c6c84b588c", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dedca195-991f-5ac4-a097-94ecb325e6ba", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:39f91ddc-533d-530f-83ae-8715079354ac", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:863c8f5e-d8ae-5335-9b5a-792d20893891", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2de6731e-bdff-5f74-81f8-23df6229d6c7", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4a5bf769-75e8-5da8-a2ac-ffb3ce272907", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:66321c4a-0299-55d5-b740-992604afa1b3", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f3dbf73c-3431-5c5b-98e3-dbc0fe93bc8f", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:af64813c-2766-553c-b218-b4de6b19b110", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1825c89d-74be-5a49-bc86-fb883c0f2c11", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fc4845ed-79a7-5962-9405-ffdaed771a24", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ffa4f1e1-a633-5289-b33b-dbacbae5cc89", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d2bbaff0-7ab5-5809-a890-256c24fa24f2", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26fe7f24-964f-507a-977c-33125bd86357", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3122225b-fc23-5f5c-930f-7e63e4feed04", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:607b2adc-0ed2-50b8-ab21-6bee2d4e4419", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1c58714d-b343-5898-a4b9-045d5f5b1f94", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb733767-7ef6-508a-b804-1a8ba52436af", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:65fcc45c-b461-5eb3-91e5-8979edad7d96", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f6858d67-425d-552f-9741-f8de25603725", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0efa8034-1ac5-59ff-9977-ecfa08a71557", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:703d78d9-f60d-5986-88f0-b87e39ae1856", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:20cf7799-ba5a-5a71-a72e-12a240b9bdca", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1f26f5c6-702e-5872-b089-59d365fb3a55", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aed81f96-862f-53d8-a81c-77c53e97d0ff", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d9e75757-dac3-5b32-b714-cce27fc18c1d", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:baf288bb-3663-5206-8bb6-76068aa20823", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:581c46f5-998c-587f-b859-9d8cacf57192", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:99326e05-e45a-52ab-b715-997d7c614584", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2f52d66c-b807-591b-9185-61bbf6b9f139", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37d39487-4b00-5ebf-b54d-163c9d5c5aad", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.100-tuxcare.4" } ] }