{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1fef8fc9-c8a2-5dae-80ad-17bcff036200", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-ssi", "version": "9.0.75-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f99765a2-dd2f-5a91-868e-16b424df42a1", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9457c036-5f5f-58c7-b55e-149fa7cd9adf", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fd8fd4f0-06f2-5b46-a751-ad53d917c9f9", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:771ad9fd-30e2-557e-a334-6905ea00ec27", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d3129e2f-4a4c-5445-a500-52a68b5583f6", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:94167e1c-e7bb-5e98-906a-60e39497f883", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:00b8c5bb-12d5-5bfc-b04a-22dacb52eee4", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ed6c624f-1674-5988-ae09-fed3522d24b8", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5f133bcf-11ae-58bf-941b-bf5a765c96fe", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:51870650-6c8f-5d06-9530-1f54533f00b3", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dfa971d7-3a73-5585-803d-64b02fc94182", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4654223a-2ea3-56ea-8a7d-4654495a0046", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d638897f-23aa-5413-80a9-9412fbff8e0f", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f196e55d-1ecd-5e32-b3c9-b0a1b363680d", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7bd09b86-7bae-5701-ae13-a98992dc833d", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2b8af9e3-b27c-565b-9e55-418abdc19ef4", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ae0dfecc-a2b2-51d2-9455-86e0c70eda26", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1273380b-823b-5605-ad49-6444028bb213", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:930702df-89d8-50fe-842a-1207a20f63f5", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:50a08161-e624-57ba-be5a-ff326c5b3773", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a154c843-8f2f-58d4-98b0-543d5818360c", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2e840ab6-7c3a-587d-b7fd-8d38fed9e046", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3cf125bf-61a6-5ffa-baa5-f5ed9471a8a8", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c7a55782-4510-599c-a0b4-b370427d4a95", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:02932315-48e3-538a-844b-dbc838644740", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cc281a2b-1a5f-5e79-9458-bc8390860f06", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:abfd7025-3826-557a-ba99-13d1b6a9b590", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:463c9df9-f44d-53d8-8157-a3b387be39f0", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:85634607-d0ac-5d0f-be4e-45b13e2baf0e", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dad5de1a-2760-595b-8112-5cbfeb18f422", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8c97c49d-d882-5cf9-805a-5990448b8a42", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:da6cc606-f6e0-5f50-a8b9-0137fa8adfeb", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6b94ffd0-ce2e-55eb-8c0b-36255087cafa", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9eb7f5f7-4e30-5e8f-9f86-34267ff6d192", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bac1088f-dcd3-5c9a-a987-e25aac7a300d", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:53d9e8ce-0369-539f-b57f-b868ff74b145", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aa804596-8cf4-5033-9e60-72070c17e1d0", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:98b4ec64-2b35-5e00-802b-35f6a9a04363", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e81512ea-b70a-5afd-9d2f-b1cab95cb7fb", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d23e5763-0b83-5cb7-a4e9-7854fb7d94ff", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3586bc6b-b77f-5edd-9749-0b5fcfd5b2d4", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:66be7a0f-fa51-51a0-bef9-3505e92a9b98", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ec459755-7d30-531c-bc55-408dbc11bb35", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cddd0719-4a21-5d9f-8ac3-83fb318bdf5c", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bde0f48d-6884-51a6-93b4-d4fcad5f5d73", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.5 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.75-tuxcare.5" } ] }