{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e2fbe754-9f1b-537b-bde5-129ef16f4a38", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-ssi", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:faddc4ff-dae6-54aa-8348-2595581bb2a3", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:964b588d-d06a-5500-954b-6845a8f410e8", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:60183bd3-c14f-5186-988b-6cb455e0af38", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c90d8513-ca40-5790-a369-12ae48ad2c15", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d88f9f8d-375f-5de9-a246-e36c5fd5450a", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:756b33f9-f446-598c-8fac-a26e8df9b944", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1867b6b7-09b6-5c61-914c-006e45925590", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:721d7ba1-e5fa-5198-90ae-f4a80ed954eb", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0e64f75d-9344-5eec-b3cd-5b4507aafdd2", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:585fd82f-e264-5af4-bfcc-f6d8ee6b010e", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7ba075a5-d9ba-5080-812e-e739a8d2de54", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:79d3e841-8edf-5161-8715-4c3e4d423d6d", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fd728abb-439d-59d7-974c-875719d8a566", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:78361cc1-8164-5d88-aa96-3a4f3f3cd956", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:31a4ac3c-c7c9-5ef3-8526-e74b3c7ebd2f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c1b5399f-a200-543f-ab54-d0efc23efa13", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b356e339-42c6-5f09-be70-4f55bc7c1def", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f1d05bdc-1907-5aaf-bfd1-aa8f017db8ce", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:02632a74-7e0d-56ae-b761-64f0fd0e112f", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9d802450-f201-5904-b34d-6507b3d5274f", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e94aeceb-7028-5e59-bc4b-ea3003844b23", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8c530d9-6768-5e6a-8730-d6d3ed3f451a", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:897f2468-7ce3-5762-a3e1-9ced2a334b41", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d49b9cc-673b-5d4a-83d0-4ada70dd8676", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bc06e100-1a6b-5227-a55f-79b117ac0610", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6ffbf89b-7e07-505d-b5dd-1545c04ef814", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:23c63d79-6559-5eae-9d81-99c8389a628b", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:73fa8899-08be-5944-8708-b70bb1b00b4b", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37833080-7228-58d4-9f3f-ce31ad8864a9", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:071c733a-020f-5311-b396-e10e543f1e8c", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ead9816a-9864-5d60-8d79-6d7d8ad64f24", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b7ae375f-3566-5a9b-ac70-ea80d0afbf98", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb869937-d925-5061-962e-1fe63b5bf54c", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-ssi." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-ssi@10.1.18-tuxcare.4" } ] }