{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a25f7f8b-eb89-58ba-9c0b-b641bf2ce092", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-ssi", "version": "9.0.87-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:858400a7-2600-5adc-be62-4712ebb1e354", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65949fe5-b3d5-53e2-bf67-953c1fff2f9e", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c4b3dea-43cc-58b8-86c8-1d802106d52c", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5dcb290-47a2-5d95-ada3-a112ce7d9af5", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d00d9608-4abb-581c-828d-2a752091ed8d", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3ebfe8f-6c12-5984-88af-90a3e13ec040", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a88f08e-8df1-55b9-b361-6ae47db5e890", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a366dec2-07f6-5fe1-9fd6-e4856f5daa63", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e88d7b26-df76-5538-8c4c-77d01fa436eb", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0334229-a2f9-5c3c-874d-ad9514727422", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae3c46d6-185c-5067-806e-4306c7a5e410", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbe89c0f-0372-5900-bd7e-79c4fb52eea3", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c97a2c96-8436-5403-b6aa-ebd4bcde6ea0", "id": "CVE-2024-50379", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-50379 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d80774c-3419-5cd2-a667-ad84c5a83f09", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3013b1d2-fdcb-51c6-a95d-f860123e4919", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92e060b6-127c-5446-920a-1671c99db5d3", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b3f7a5f-f305-5479-8b33-7e52a918592c", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9328072-c61e-508c-8f98-fb135f7bf7d3", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc08791e-651f-5977-98c7-99a5d3ec27ca", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbcc3581-e75b-563f-bd9b-787972b6a473", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4dd9d64d-ed17-5f20-a2e4-7074d7cc7812", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32e4002d-8797-519c-89a8-aad5be1ca5a0", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67bfa2cd-5657-5695-85db-c4eb2d37c7ca", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be17fa25-6256-5f76-ad37-7c53c3d61520", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9baefe38-b0fc-5f79-8827-873f1fcc9eef", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:765b0223-807c-5842-984d-41027b7ad2e8", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:903932d9-9f0b-5214-aa0d-25ec30f126da", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7db7bdf-552a-50f5-9c5a-a7d1f1e18915", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:442e8d68-47ae-57f7-8757-2b9fb1a63f1f", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba7611b8-09c8-58e6-b854-1532f835c5d1", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b0a7d28-d60f-5f4f-926e-56a6a65354ad", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6239e781-0d6f-5567-8c72-ab9855aa1a12", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65c86e82-83d7-58ad-8cb2-2f86e18102d7", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c967d4df-d600-54ed-b8c1-e10faf041c7f", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bed7498f-79a0-5e9c-90c1-c909275fa2ef", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22e3a064-4e9c-5d3b-b568-63248cf1f1ec", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b343f148-28eb-5bfd-ad27-ec55457d40ec", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95c52840-348f-5fcb-980b-7cbef26711b2", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e723c28-fd24-5a2c-bbbe-a8b3e4ce4392", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d1c712e-7bb0-5ae7-b463-b6a31c343749", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f988b328-46a6-5f4c-ac2b-aa99eb202ee0", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.1" } ] }