{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e717678d-0fdc-5d71-9a19-09f45eeb217e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket", "version": "10.1.18-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d4e8755f-d5aa-592f-bb43-2a2b9fdfcfe8", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:215f26c4-9841-5872-b3ad-793dc4a371a3", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ef03552-166f-5d8a-a185-bb8ec911a35d", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0f024582-f14a-5878-b01e-f0d8ae2ae901", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b5d5548-b18c-5e41-82c7-eef0a365d2f7", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fee6b7c4-44ce-5ba8-9198-a3c41fb04e26", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a0bda260-3173-5a73-8604-0ae36b2c3362", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:28e6c409-69e1-5e6b-9309-b50babec453e", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:02cf3331-d6ff-5e5e-ada8-4af797392311", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7e199305-ca10-5943-8559-ae88dd76efbf", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:94043a18-ba29-5d51-acae-41c6bf1956c6", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e88d17b3-2f6d-56f5-9e36-fc489a99021d", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:674fe7ad-30fb-5788-be71-4b42ef677fbe", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f9857028-d2e9-5d82-94cc-87dccba141cc", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:72cb5e00-e76c-590b-ab21-dd4653ae2f6b", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a957063-cbfc-5d6d-96bf-e033f1e868ef", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab58b6e8-eba1-5ecf-9b9e-9ec5ae804ab8", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:048e9a0d-1f92-58b8-83b4-ebe8e51de39e", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eeb76e04-1ee1-5dba-bd53-63899268c901", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:485844e8-ba7a-5ca7-8805-ee3f41db3bc3", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f15bab08-01cf-521d-9903-a7fc35def6b5", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c7b18197-d677-5688-8670-3c0d484cdd6c", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec505415-8672-503e-8b2a-4d5695b5339b", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:918a46db-b14b-5d2c-9345-4f90ab5bc6e5", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e619b85e-1e77-5906-8e79-e2c942da3b03", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2aa06312-c2ca-531e-a643-ff933925df4b", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2da68dde-8920-5d4a-83a5-0d4744abfdf9", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:24dbb2ca-7813-5114-a1a4-8d9763fe3ec5", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:27a9a84c-c93e-5705-95f8-840c9c291872", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:458ad8eb-c7a5-54d6-89b6-7a891e03144b", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb9c0dd3-5942-50c2-817f-425c5b2e4011", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c0cac690-4c29-5058-8012-2bd862d0b9a2", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c099bdb0-4288-5eee-99a1-c164b2aabbe8", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.4" } ] }