{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:93921a67-f179-5771-a6d7-b33bb330915e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-ssi", "version": "9.0.50-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:09a3009a-6201-577e-9d0b-977393a309f5", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11ffe1ba-a757-5b09-89e2-b6b1159ab1cc", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2dc73acd-4729-549f-84a5-70a63f95b5da", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73e0c7d4-bc9f-59ea-8b67-888da7e471a4", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58bf1366-1f20-5e1d-892c-c1df5e0265e7", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b3ac024-2624-5ea5-81b5-a9088dd19828", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78626609-4402-5d52-bb1b-6f2b5b741277", "id": "CVE-2021-43980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43980 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4d4226a-5856-55f1-8feb-8fcaf9ca0dfd", "id": "CVE-2022-23181", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23181 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4593870e-fa23-55b5-aacb-b6e057f660df", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c4667ec-b2ad-514b-9a9f-40f0b61a6676", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da07c837-a9fd-5acd-b6fc-5b88878247fc", "id": "CVE-2022-42252", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-42252 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aca1376e-10f1-5d5b-86d7-7493ad268615", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08bc208d-55cd-57f4-af2e-e4fb2b1dac7a", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99be1f84-4240-5603-97a2-0f92ccb60c77", "id": "CVE-2023-28708", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-28708 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5635a26-ed88-51c0-bfe6-a7fa9a326598", "id": "CVE-2023-41080", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41080 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b6eaf77-025e-594d-bd74-4bb69839e652", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7ca968e-3292-5c83-840e-3d2ce5d74ee4", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:714e8a58-aacf-5fc1-8364-31fee72ec607", "id": "CVE-2023-45648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-45648 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3295755f-ba31-5727-b40a-f992f9d3a58c", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ab4a028-fc17-599d-9264-fb3242e9e149", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45f85ee1-ec8f-5184-b890-44fbe8a60083", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2af88163-03af-5ed8-8c06-ead20af2beb6", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:436e25be-dcef-5687-b443-d2da14e6c112", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbc949d5-0710-5d94-8239-d05fdaa140a3", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b86d95ad-d60b-51a2-bb10-e629fc3f99ab", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5181ad50-65f5-5621-991b-ffc338c140c0", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79476772-82c6-536d-ac71-705ae36ce6c3", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67f099fa-6cb5-5be5-867a-a2ffea427ffe", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8ff8973-a400-562d-b973-eca1b3a25479", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69dd10b3-f528-531d-be45-e0bd774ed2bf", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12efd75d-af93-5736-b179-d87d883835e4", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93d03880-0f48-5141-8171-05ef9ef6291b", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c3cf824-3b7f-595d-b2a0-e1d2cf697198", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9513316-c3c5-563a-8a46-c3445f7fa2fe", "id": "CVE-2025-49124", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49124 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:037ed2df-7431-596d-a461-224f0876da8e", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e05d04b-424d-52d4-b956-e2375159059a", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f114e91f-0833-5fab-8cbc-d61d1ea47614", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a68240dd-b88b-5451-a96d-d0eaddef24d2", "id": "CVE-2025-53506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-53506 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1d51bd0-211a-508a-8dfe-c5ad289460ea", "id": "CVE-2025-55668", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55668 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff720ec0-8361-5af7-887c-9853794d010f", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0a1f22e-fb83-5aee-99d0-db837b4de677", "id": "CVE-2025-55754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55754 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f96b63fe-7df8-5179-a7cf-03ae367e9066", "id": "CVE-2025-61795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-61795 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e96904b2-0128-50af-9a60-b85912b56e4e", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d48a3a2-d71b-51cb-a28d-8a0465474869", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d26f4346-d202-5f02-b9d7-a11df80e1de6", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2dc86a00-b914-5a0c-9b14-782420820a57", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:901eb1f9-7c1a-587b-a120-565ed2ce5f42", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f164e85-cb82-5bc5-887e-d7e6a8e2e479", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d92d721f-6990-5454-ab54-8deccdcd1ae7", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ec362e7-18ae-5f58-9f62-dea27d1e5aac", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.1" } ] }