{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cc8218ed-7a05-5cda-ac1c-1e88a658b113", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket-api", "version": "9.0.100-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b88908fb-bf1f-5eee-a456-2e98ed424f7f", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4fc6d506-951e-58b4-89c7-dba8ed498334", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9b5dce7e-095a-55df-a7c7-5f901c08cf75", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:93eb8559-b48f-586b-9a76-abdb1d76692d", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:32579cad-75c2-535f-a082-c92c0d0011a1", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:34125b82-93ab-5241-b60a-7fed7aa25fef", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8739b136-bb61-5024-875f-a3b8aea7fe24", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f169012b-3253-5c12-8411-55c057fe88dd", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2682e3e2-4477-50eb-8a84-7d3cf3230776", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7d19b50a-9710-5185-bb01-fe561130fd6b", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:06d0a2ce-aee7-574c-9eed-7b32f448765b", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:732f2e83-54d3-52fb-bf69-4574baaad1af", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f0c486cc-3a2d-5ab0-ab6c-bd86c78ed499", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3b12adc8-747d-5066-93da-31aa2ebe8f1d", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f8358b34-13b8-5081-a74d-eca78792aab0", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c8606cc8-b1d4-5be3-be04-77c17bb08d7b", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e9475b64-012f-5c7d-aec9-b99716a28ca8", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2742c392-fd5e-58eb-941b-4fa0c14dce12", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6c30d97a-dbf9-5a6c-952d-0e89ca81b6f5", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:737541ba-1150-57a2-97f9-e1ce985ab999", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b1102c07-991e-5d96-a8bf-42bc9a64e77b", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b23dc19e-02c0-560f-b341-031019f87f35", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ad9bf350-c262-517b-95da-53b8613e2250", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d5b9b746-d058-5e9e-a319-587b6c26549c", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d3f5c3f7-f709-574b-96ee-a3f8d898033a", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fab93be6-ae9f-5c17-9bf5-acfed926fd57", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:501eb222-ab8a-5f3d-aced-0aa25a9a88b9", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:99def5a6-00e3-515c-aaa4-7b9b67e61a0c", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:12875c07-4e0a-524a-91fd-98dafe8df549", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:398fa5a0-d512-5324-a6f9-fd8d0349645b", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8c600425-a317-5f7c-a8b7-5b363359f75a", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:53624e92-dd08-50b3-85f7-f7581aa17109", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7f91c3cd-9c1d-59aa-8f3b-93f57fbd2369", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:78fe0519-3530-596b-8cfe-69fa77f4c5a7", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:68299e49-a53a-50e1-b3ef-9de957a44970", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ef98c0fa-f0cd-51fa-a780-65dde38a662d", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:974946cb-a998-524c-a697-b4bf757348b1", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.100-tuxcare.5" } ] }