{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:43ef82ff-6510-5363-bddf-6aadd7ed4a34", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket", "version": "9.0.100-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b89a2641-87ab-533b-8cfd-98dbb8369f3d", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d5f8c28a-4557-5b9a-853e-be2f23d88bdd", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:48a868bd-18f0-5d5d-8e7a-fdda686e5f10", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:41f91d1e-f8cc-549e-8fa3-bf42a7f363c1", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:931aec3f-b5c4-5d39-9428-ed13674f48f4", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e23c3b05-20a9-5b9b-b3f1-0fbbf17855bd", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3686b82c-6d08-57e2-bf1c-0aa25f9bf58f", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fec38eb7-4c2a-50c8-9427-6040f56bb974", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d12ae8ae-91de-5e23-9664-a5481dc02f15", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f4ca82a7-f8a0-5f0c-b149-a521e7bf6a17", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8fff0a35-f0b7-5274-879c-4be06a119dde", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:eca62a6b-c8f3-562c-a547-977d936c674c", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2db4ae03-c483-5192-b273-ada23b5dc5d6", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4f770d3a-e996-5f6e-9697-2d432b357a68", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:55810f7c-c91d-52d0-bfe8-117e2e1811a0", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bf2e7cad-2136-5258-8c40-2f8b08c0755d", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:56310118-1fa3-5c4a-b3ee-1e63a0a581b2", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:39af4276-56cd-5093-9389-61e472fe7cb6", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3a67bed6-8f6a-5826-8d7d-db1a5f93d6d1", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:31869901-f519-58fd-9283-c3854862f190", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6839f6eb-57f3-5a97-9269-5db4ec6d3f2f", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3dc0e215-a13f-5c1d-9985-99d1e8d8f52f", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8c1dc24a-8faf-56c8-aa87-2428536f947a", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:20405f7b-48a3-54a4-8db9-11b1a9f4f36b", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bcff1be1-c80e-5bed-950b-cc9eab6dc778", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:515d9e48-f7ef-5ef7-9a01-43463657530d", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b359f519-1f88-5361-a55f-6d0a6c7381bc", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ae0fa21d-eb84-566e-8d67-7b0ac2b43e26", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9519d434-e6f1-5baf-8c9d-97002513ae79", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3c11bbab-6b3f-5eee-8b37-6b210256cd8c", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c940ea0a-42a8-51b0-a771-270bc3981b91", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:87b6e46f-1465-5511-8169-455bb855474f", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:331e592b-5305-5018-8443-d11cce1016b3", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:eb6151ce-5cee-52c8-8fb3-3e5931f8696f", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b93f3963-cf63-51cd-acb0-d747bce41adb", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d2c50fac-3ee4-58e5-8ebb-d5176bf55733", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7ba30d3e-6c47-513c-baa5-e79bd964c843", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.100-tuxcare.6" } ] }