{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:79eafddd-06bf-5e26-84f3-c18382b9f53b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-ssi", "version": "9.0.50-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:90890d04-f706-5967-8b89-7931d96463d5", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7404f525-e112-56df-9c42-5f4acdfe2850", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:336c235a-7fe6-50cb-8186-78851d392bff", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2246b378-91c2-5a2c-a605-0e7fa797a692", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a4a32de6-6ba1-56f4-a2e0-63a78b19059d", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:84eb436a-c0e9-5ab6-aa19-7aad63482f9b", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:38ecf2e6-ddc0-55f8-8cce-33d8efb3e002", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:925bd3f2-6117-57c4-b4f5-19685af9d6fd", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:32238bb4-b063-50e5-90a1-4bfeb1ecc9f6", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c7ce8d0a-ec04-526f-85c7-05a0398444bd", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2e4520b6-42ed-514a-9d9c-510b8442212c", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:055a4fed-e8c6-5349-8052-674321a7e97a", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d057c108-15ff-59da-a887-f1d96d850209", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:619f0605-9bb8-55ac-bf7d-da2b5d8b9746", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9f88af7b-5fa9-5f52-9096-a1e3d186a2e6", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:15d3851b-0842-586e-9bf3-74c3503d691b", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:efce189f-d908-53f8-947c-c58085672fa3", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:81629b2f-6f5f-57ec-9904-9fbca5c8c766", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b89e71bc-a508-51b7-83ab-089cf2cb0122", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:dcb13a60-6540-5037-a856-7005a86c935e", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e38a813d-4e17-5fe9-8f25-2f2e413fd4ef", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:110d3027-7131-5105-a8b4-d64a3ec73f95", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c38ca8df-bce7-59ce-a72d-9fcdcc0472fb", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7ee7b095-524e-5043-b941-6ba505be2246", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d3cfef6f-549c-5ab2-8484-0ad3b581eb43", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d4215b4b-0790-5751-b228-b2851082d422", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:08e93060-d475-5c00-8002-633c79fcf38a", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bf0845bb-3b00-5506-b95a-5d968cea2cad", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c7d3c813-7168-5d6b-8ae8-a7de9f15ef24", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bfbb7c53-91e6-54ba-9f0d-c0b2db738829", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:37a8035e-63a9-5506-967f-fe07e1080749", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fa3a56e9-6a5c-5307-95ec-e4c9d967e78e", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6cab1d00-933f-51f9-841e-7ee5f64502f3", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9a158725-8575-5533-b7da-d0b398d5dd5f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:912d147b-f053-50ef-87e4-a81e91c886ec", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7147c2a5-db7f-51a8-97c7-93e6085a4ed1", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:30be1931-2f14-5292-bef8-22e47957f8c7", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c60ef103-ae45-558b-ad61-0c769aee0838", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3abdd437-99f2-551d-bb0f-761aa9df2e10", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:03d5c8d4-1218-5060-a7fc-6a0d86caa77e", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2745418b-1cb0-5d4a-9f25-5f7304009efe", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cb82bf41-d1ad-50a1-b13b-0fdd7a132e02", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f44d0558-c1e8-5b55-9150-b001926de7b7", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:11a1ee6e-3586-5f4c-8cac-a11f2097ec39", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7b5ec8b5-e67b-5ae0-aba8-325a90910c9b", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2cf10992-28ac-5ec6-9a94-a6af9c4ab30b", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5af8c69a-90e9-5eb2-a70a-925b1a7c3c1a", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:99e1645d-4a58-5317-963a-9f08b68412a4", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8f8fa614-33c1-5bb6-bde4-1697df705aeb", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c7e9063e-5cac-5538-878c-caac82e994ae", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.50-tuxcare.6" } ] }