{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ba3b3802-65ea-5940-859a-a798071a1b02", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-ssi", "version": "9.0.87-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d768f534-cb90-5dfa-b97c-ec2bfa7dadfd", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2542a9bd-1154-5ddf-8783-7b7cc41af0a5", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6bff7b4-2a1f-508f-8c2a-ed64df939e66", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da977aa1-5d58-5800-8377-b1bc2562f10a", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a84d5d1-c3f9-5a32-ae22-c8d85883974d", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:016f1426-b78b-50dd-8010-02167afe1314", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8749632-0b32-5f8b-952f-e44511779b2b", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed08a91e-3049-5cc7-8352-625cbdf48f6e", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45054aca-1e37-563d-9b09-db900407d22a", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:209b7691-74aa-5b86-8cd0-52c74268b128", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d061290e-50f1-5921-9e36-cd181c0a290f", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4ad6f44-1972-5e14-844c-3b266b59915a", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c68037a-e40d-54f5-974c-d250617745a0", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28a110b0-f767-57b8-aee3-be56fef42d0e", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a1a4320-66a4-5960-952a-4ea68059f66e", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c17eaae9-98a1-5bf4-aee1-33b843409f65", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13df8e10-4cf8-562b-9a2a-3597ec955c02", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7dec5ce7-5c05-5580-bcd9-1e17b106347a", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6214995b-02d0-5c03-807f-f44d6b38747d", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b558a74-8e2e-5cf7-8679-5b6639cb8a11", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf45792e-90b5-5c9b-8ec3-7224d1d55cac", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b59111fb-2f71-58cf-826a-bf9105c759e4", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:101b11d7-727c-5b67-bb25-9f345467fd65", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2143e55e-f311-50ff-9a9e-942a52ad4e2d", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df77a012-cdad-580d-8aa3-3b2e0d0e94de", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de70ae4e-6c2c-5873-ad5f-1103bdca3e50", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e1bc876-00bc-5ed5-a862-0469438543d0", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:faa17ed6-671b-5785-bbed-7fe00a2cb20f", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e7a70f9-8c9f-541f-81f5-e13c51c70933", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b24eedad-c321-5eb1-8fa9-80b964059a80", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08701cdd-406d-5ed5-ae9b-dc7967aa6887", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c104d0b3-a261-5978-8f18-b598c345aa92", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7791322f-99b9-5c5d-bd63-0a12678a125c", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58e319ba-879d-5319-9974-08d68cd04280", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90280d1b-2c67-5c3c-b0b4-bd3b2d79cbc4", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3fd915f5-caaa-566a-b704-285038646bc9", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bda8fac0-fbee-545c-899d-7d18d6c8eceb", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97238fe0-7fbd-5b77-9aad-31e1b67849a9", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8be58e29-b7ad-5463-9826-7fefa0317db7", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1124ed9a-6f65-539c-8880-9502a2d60eca", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3242d869-63b0-50e2-a04e-eb54f857bc84", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.2 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@9.0.87-tuxcare.2" } ] }