{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a8d0bef1-a3d8-5910-8938-534b3de60417", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket-api", "version": "10.1.18-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:209a4a4f-4962-571e-b311-333b7c30c07b", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cb801773-7190-5164-b303-25516c00eb7e", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:46ae7bef-faf0-56fe-8a77-a198da93e310", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e7a4b908-293f-53e5-8ac5-309be8cfac81", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4dcd5162-6bf7-5a89-9d5a-4ea162750735", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fa725093-bee9-5557-8202-69ab6a70c427", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:93cb1e5f-c4c6-5236-bec0-c77a1102cdbc", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c6180fe1-6c57-58dc-a576-39a8058cdd17", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4f68444f-4de2-55dc-965b-b95ec6117e42", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:46a73f3f-349c-5461-a9ac-6b36d8798c6c", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1db80ae2-ef64-578d-b824-6b25cfb8a81a", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:572ca38e-f2ad-52c8-a438-1d4d0f1d09e5", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eaf80238-341e-5591-9e0f-8fc95ad6617d", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0952fac0-1f93-5225-a50c-11182b4a97c2", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e646f087-3a90-5d12-a8c4-1c778989882a", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b2fae645-e13b-54d7-b844-47327540ccb2", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:20089e71-a328-5954-80d7-404ccd5e83d6", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:665d8e96-39f5-5781-b240-5ef0d3bfe780", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9436ee4d-97a1-5491-bb4f-90d16e43396f", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:092ad60f-1f50-5bc1-a5fd-1cd0913df1a8", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:27cea87a-8764-5725-a434-ee42bd36ffc4", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e8cd7b88-6d20-5d8f-b517-72ad7d877075", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bd505ce6-34f6-507e-be7d-e3b8f4f7efc1", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:01559524-4ddc-56fe-9eb8-2dbf9c79a830", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb9b6da2-ab05-5068-9eb2-2f4f781e3334", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bc05fcc2-80e4-5075-b18e-a8278a06a8ca", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:715d0838-a358-51a2-b9b4-37c0560d892d", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:51fe2fc8-3d83-51b3-a037-76e8b48895ef", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d08e79bd-9efa-5633-923c-69c32c88632e", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ebaab27e-37ed-58fd-b955-ecf245d618d8", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:43a64cd1-c667-5671-8684-295fb091f8af", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b3729437-be39-5bbe-aab0-62dc2fcef4ec", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fe0e73bb-ad2a-5491-8321-978f6b8db057", "id": "CVE-2026-34487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34487 is fixed in version 10.1.18-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.5" } ] }