{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2597b855-e00e-5559-b539-ee487335d642", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket", "version": "9.0.46-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:67a26de8-f8b0-5d53-bffb-9d7436734569", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:67002fde-fc82-5ddb-879f-4c47c6a05c31", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d33f5332-41bb-5a57-9ddc-85ca9955559d", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:617aa155-af1e-53cc-88c0-df1a2d9d70ca", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ba3a1682-1e67-5cea-9c35-2ef78f23de6b", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1a2c59e9-37d2-5f9d-8442-dafc2a298f2d", "id": "CVE-2021-33037", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-33037 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f7ae4dd4-3dfe-5db5-bd3f-8c5da07c077b", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f4471196-7c4b-5b6f-b682-a01cdf2508e8", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7a1b958d-48f9-5498-8ef8-2d5da93dad48", "id": "CVE-2022-29885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-29885 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8b81aa6d-103a-56c5-b3db-b6030016ac2b", "id": "CVE-2022-34305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-34305 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:84a4611d-8149-5e56-af42-b8c9be6a500d", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a16d52ee-ea64-5767-9b0c-e7c78e024ca2", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:270c3322-ffc4-50ba-a242-9ef8cbe45245", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:029b833e-358f-5f6f-9399-ceff97399215", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b9e74a88-f5f7-5dfe-b50b-61ee083d1e15", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:96e22e25-2047-5aa3-a2a2-bd3c13a43830", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cdb2ad9b-4799-58f1-8317-d33dc9b06a7c", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a6040761-4b14-5d57-aa51-2837eb9e6473", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ecb20caf-6286-508e-8d6f-42d47d5fff6f", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c22de089-224b-5211-8cca-19449ed72a78", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2e33840c-5cf2-52a5-8a6c-28c1ebfd6a70", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:909ba4ab-ea01-5763-9ef6-0898dd30e4dc", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a9c24ba8-0c83-5b56-bbdf-3a5d673bb776", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b3c70733-cb55-579d-97f5-4b618a42d31a", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:591268b6-dec0-5d66-a6f5-a5e6fd69dfde", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fcb26754-adac-57f1-8bc2-58084df028d1", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:90b39571-92ab-5926-b858-e327e12bd2e5", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:be2bf0f8-4f6e-5972-9439-961ca0308af0", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8cee5b52-c379-5989-9bb5-c6af7b6a2056", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ae85ccd6-053e-55b5-89d3-80e96fda9ef7", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df9af15f-1d98-500e-a0ca-f4d9c481081e", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c3f79c75-afda-5f47-8bfd-2962d58c2cca", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5b3879c0-ba70-554a-b96e-2f141193b0af", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2ba0987d-f2d6-5e05-9506-f5b692e58600", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:436b2f27-68b2-594b-9d54-87f9f0a4bbff", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dcf4dd8d-be79-5eaf-aaf7-0aa0b26734f5", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eb8ffa10-b200-5dfd-9347-26c2e4275877", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6c7c75ea-e24f-5a1d-9d0f-55c89cc2e28b", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:33d7d7a5-452a-5ab6-9e27-3995632fa582", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4b27a12d-17dc-5ae9-9cfe-1aa292193fdb", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ee1d62f2-a5ba-599d-8930-fb2a9574cf0b", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7521da0a-ad97-5b2d-acab-be08f6efd10b", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b27ad525-29e3-5e3a-a97b-8420f81291e0", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c0d36d3c-0038-5149-bfaf-c0c8b196e526", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c6475802-b67a-5fb5-bcda-ccd98b3d54d3", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de912bec-9111-5c6b-aaab-2061876e63d8", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d6cf6c2f-0e95-5e11-9eae-73b939c186e6", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:056dc0ee-6c04-5205-bb28-7a1e3f8989cf", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:82319cd0-c7ff-5bbb-9250-47b9f6b58f1e", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4e043b71-9f48-5520-b71f-291d1be57541", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5e8ae9eb-66ac-5750-bf3a-5372ab902211", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.46-tuxcare.5 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.46-tuxcare.5" } ] }