{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e0821999-40a2-55f6-94c5-e6d752f9fa80", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-websocket", "version": "9.0.100-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ed83ab50-b31c-526d-af16-d411b267441d", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:884d8a51-fe64-5b1b-96fa-b63900776145", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:438e19b2-2134-59ad-b1d7-b65d22851cd6", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b25fbaa-1281-5eac-a2d3-8d412b53b48d", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b45942a-794d-5d3a-a65d-85c7317cb80a", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ceb32ecb-96c6-5ceb-a07e-61ee2895a0f6", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:22ed19dc-d942-5ed7-a346-d199fe1580ef", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:127071c2-44ca-5c9b-8580-ebd34033502d", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e2a7d26-8725-5eb4-8e33-5c2569561bf1", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a2daf023-7473-5846-8cde-4559a46a96bf", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a5430082-d436-5fd5-a930-342cc773d910", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d651ccdf-7b5d-50cb-959c-6bfd1ca2f095", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1cf5736b-fcc0-5b69-b414-ad2e32de3c95", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ee3f019d-3d7c-507e-b138-871d9c52d794", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd8ae939-b0f3-5b85-9082-823a6d1ac5dd", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c5ef8f88-37a1-556d-a7e5-b6a88e9c1a42", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8935aede-7bab-507d-a6c4-69bab86dcec4", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7870c438-f3e5-5f83-b8f7-73a35b68238c", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:505d3776-ca94-5cfa-a39d-914ea6218381", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a11d630f-0670-5c1c-80a1-5489aea56ff3", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3608ea75-ffa7-551f-82b1-1e1acd16517a", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:13d3c915-a503-5fa9-b191-39b01baaf54e", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dd7684f8-e643-563a-a5b6-d81ccae199be", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:95c45d57-2c7f-5517-8648-9263550ea5fb", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ca33a761-c81f-5811-ac06-62436ca8cd5b", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b70221f8-6da4-5794-889f-39740826b220", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:62957e5b-b5a9-524c-8cf0-4e74b8e4ee80", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25bb74d9-633f-560c-a3ba-f5f519a75b23", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c0b2516f-d3b8-5d5e-80db-7432a9a5dc39", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e83124c9-db4f-5ed9-b971-9c6119c53087", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3cf70306-c49a-52d1-bd15-ba4b1c7c104c", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:144114eb-936e-5df4-8f9c-d65b0ff68085", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6ddb3465-4e58-5658-a383-18139302e0e8", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fa8537aa-d232-56bb-80f2-3a2fa7d44605", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5207f8a7-ca15-5d36-954c-854228c8995b", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:45c89a81-6593-57aa-8bd5-20fc7f9f1b92", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 9.0.100-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.100-tuxcare.4" } ] }