{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fed9aa82-b388-5ef3-8fa0-a6c1d9ae637b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-ssi", "version": "9.0.50-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1b7812ff-59a8-5f86-84bd-416e37a5b8cc", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7373ffa7-d361-5c45-9735-109c4b87ec4a", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dc9a6f0a-87f5-595d-8509-a28d76d41857", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:076e3d35-ceaa-576a-aa1c-fad9a0c5d6ea", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a969a68-a66d-531e-be30-180eaa0cd9c6", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f186a6f6-79d7-56e4-9921-758000c774f9", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9cd0f32e-1e2b-57ea-852c-51abb5a86ba7", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2a0329e9-9557-5d79-89c4-5a98f19985db", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:733148bc-fd99-577f-b9e1-c3afb85dee23", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7414b8de-eda8-5639-a7bd-cf55e030c522", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0fc1bde1-9214-56bb-8768-68eebfa63025", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6510ce2b-f5ee-5df5-b086-e6a35ba67037", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:672ddb72-a247-5f24-b52e-a0ee729772b2", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9c7089a1-ac9c-5fc4-b5bf-549cb9fa698b", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4aa61a4d-457f-563c-be24-db67bbcfebdb", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18c12e11-69b0-5cb4-a9d2-fb750a59c1b0", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9adf43e-84c0-5772-99d9-04c859e74d3d", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:24b4ce48-fca3-54f1-a930-42096eda1e51", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:849729d6-ae06-5c47-9d6e-d98dc84e3aa6", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:68aae307-5aa5-5801-a08b-2b026ec6859c", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8de1d420-dfae-57c4-8fca-ff23b0462144", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:98c5c251-a062-5644-814b-e9b2854f6679", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b66ded38-86b7-5ada-b954-19f6a2b0efa7", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b596bc5a-16d4-505c-a9fd-5438fa9de00f", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:315db7f0-37fe-5026-b5f9-d171266dff2f", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f78c164e-65e3-504f-9e04-c1298f11a53e", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6b20c3f-7623-56a2-8a65-1021cfbd6c51", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b82fdf3-163f-5dbe-95da-63d5102b5991", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b486aaf-3911-518f-8321-0438900d55f9", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf39fff5-97d2-5bb8-95d1-64d89e50da6c", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2cba72d-f5b8-5eee-a548-6271f79cd5ba", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:76861421-25b0-5c72-a8d7-1c41f48d9132", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7253f314-8f7f-55be-884c-33e9ee1abe59", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8441299-5cf1-5788-be07-7c42c299ec82", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7b953227-5bdc-5afe-b1bb-2340444b6e33", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9cb57bc2-1dcb-5607-8d03-170885b9dde5", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:edae11f6-d46e-56c3-be39-e53d5b6a0646", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df7ff50c-cd61-5165-824d-877f6be4832d", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1969dc8b-91ef-5829-aa61-d1e8e3644dfa", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3791ebb0-fc8a-5962-9ba4-2e604f806489", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:200c11b2-7589-558a-8057-f3c7f9f5ea07", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9eb66103-faa1-5993-8da7-72ef53ddf366", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:582e000d-5c21-55ac-885d-9775bf7deb94", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a9f09be-3763-536d-be5e-fb414893e172", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81441c8e-136e-5245-a95d-217e7e419aa1", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:139d434e-6c5f-5d10-b78c-09c35bfe27e5", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a34e128-ce54-544c-bae6-57ed9dd911f8", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:024c0c4e-0241-5bc6-9e11-90185ae8ef7a", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17c556f9-c3dc-5dcd-83b5-206e9880bddb", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb5c39e2-daca-5bb4-ad72-efabd834a2c3", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.3" } ] }