{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b0354d00-000e-5e5e-9da2-ee46d97b64ea", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket-api", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ac01d825-c51a-55b6-90d8-fbceecfde2a7", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:caf38e89-6903-5b44-a686-a0bfd1ce8f17", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bad5f8f5-1a47-5dac-bef0-9d09702d3771", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:957fbc95-6f9b-59b0-a43e-c54287b89e3e", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb5dc66a-42bd-5979-9506-6ce8c50282e5", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b5d73ac-78ed-5c95-8669-8e083ee2416a", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e156660-2f7d-5770-be9f-4b0aeda0c7cf", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:30215521-d52e-5c94-82b2-4f04e5878baf", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d7118cd1-bdbc-5a12-80ab-6f55dd872cdd", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a981e974-dcc0-5a57-b1d0-6f063380c638", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8c4bcedd-c7a7-5cf1-99ba-e48b8b99a991", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a7ec89d-df02-5cce-a051-fa28b400ba81", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:68ae5c15-7d0d-5149-b849-db07576f0807", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:38d68fe8-667a-5486-9e96-44ff74f57d42", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e966f0e7-0c94-516c-9654-b3eb561b5ebb", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f67a814f-d17f-53f3-bf44-f6d5c7f0d36b", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b936b45-5270-50da-9627-a46bca760b96", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:70cf1363-50b1-5f46-915b-b464d096dd36", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4ef005f5-84e3-5977-a3e3-3d93187585e4", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a29d7ae4-5f17-5745-adb2-8525d8ab2fd2", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e4cb7b2a-a142-5082-8c2f-cffa9d90425b", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2bc6034e-81b2-5709-82fb-5e1cc96615be", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d7ae96e7-e32e-5f43-b7a9-b891f9bb0519", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d478201-c9ae-5638-a620-9cd33ba18df9", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:20bf05a1-3fd5-5f9a-8e04-d7f6bdba6219", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:caf3c590-aa1a-55e2-8365-250e427a65aa", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ce4104ea-26a3-5bf8-8634-bdc96f574364", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:68368fca-c8aa-5881-83f6-cb1c8842b17c", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:efe5b63d-77d3-5425-affc-6305845129d1", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:62ad672f-ed4d-5c70-b2ed-cc9d96a8c94b", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3c592c80-6472-5434-b72b-75f4378c71af", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ca2f2235-cc10-53fc-bafe-81d774fd0e96", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cdfd8ae2-2c5b-550d-890e-32850a22f8b3", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.4" } ] }