{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fa0cd0b3-a9f7-5655-a8b2-645251c2e698", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-ssi", "version": "9.0.46-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:501538cf-39a5-5e17-a6ab-7db055b29551", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:724df833-e462-54b0-ac8d-a194de62727c", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff35ac7e-9e01-542f-bab8-174c160f04e0", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b09232d-0cc2-5a85-b782-a16941030fb1", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8ca3a0a-a578-57f0-b6ea-eeae705093c6", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a466c6c-2492-5870-afc8-794233f4466f", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:063976fe-7732-5275-b3ee-0dbdec138c74", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:579844e4-6e62-51e2-ac53-a4b6e03e019e", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4157bf38-c49f-50b3-9ad4-99105fa1a3b1", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d14c9b42-f696-51b9-841c-023067035a7d", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06752d3e-6b67-5995-ab86-14009036d0aa", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7fb564cb-2c7b-5c54-a2ca-ed172905c4eb", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4964f574-a892-5e88-a460-6fcb5885c277", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9a06b7a-c9bc-50ac-878e-50e89cc269a1", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:972d7e36-01d9-5c4c-a0f4-84974d6a084e", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2bc2257c-2443-527b-8feb-a9def117dcf7", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f7f7d19-1707-55dc-be72-d43896c4a2b6", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9b686eb-acdb-5c04-adf9-236b807f4e47", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19e9dfc7-9410-5dd1-97d3-5bc9fcbf36d6", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2eec7255-ede5-511f-8131-3253903cdc63", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb3f580f-4cda-5a85-bf13-81c537967a2b", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d89b3c72-145b-5c17-8a7d-53ae8d669203", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b847e27-e7ae-5ea5-b04c-1db23e2a31b0", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91226306-f3a1-50ca-a378-e93ded3465b1", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f17a342-cee7-5c16-a83c-ca95d56cab4b", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0938a93-da5d-5747-ba9f-1db564ebc97b", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:293290bb-45b5-5c17-b70b-4506325369a2", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0d5de41-0e36-55a8-9843-cd04359e9a2e", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b325a75-3d1c-5a94-b03a-3ab4c2677c29", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b09decbb-c8cd-5aa3-92dd-e8b53af5f027", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3676773-7eac-5aaa-ba1c-f7bc883f139a", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa6305a5-19f9-5a4c-96a3-9122c72abbcc", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b679dd6f-055d-5ff6-bd63-ef8bd5b6913a", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b5a32cb-cc1e-5a22-8857-a809d2c9bf72", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65fe3403-a2c2-5ce8-93ea-4231d6370411", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:123c4a22-fa4a-5bda-8626-2a83548f0297", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6916d912-d386-531b-bc59-31d5d0a8390e", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f955be7-8872-52da-8065-607bfe76d03f", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c51db26a-1511-5c5d-b581-7c28183db3fd", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0128848c-753c-58e5-83e0-ed0344a4e140", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9e1d3c2-fbbf-5665-8347-3c5a7fffa2b7", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83e230fb-8987-50c2-9ae2-fd372dbced77", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55b2218a-b644-5cf4-a81d-38182c4031ca", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f3dc98e-cfdb-5be2-8218-1d6d8ee37ea4", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d8e7608-0279-5229-ba5d-9787c43a4998", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e66118ad-99b2-5772-91c0-c86255121a7b", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1adb7067-4105-564c-9ef1-ba7ded6e9ac5", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b89248d-1290-57e3-a9d3-88b1cc432e90", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3887849c-18c9-5074-bf6e-063c62662899", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2bbc5fcf-42eb-5335-9175-479453245b1b", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aefb25fb-1ffa-5f73-878d-3c3b2fbccd7f", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.46-tuxcare.1" } ] }