{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bc8ab9a4-9efc-5d22-a499-63f5ee22a4dc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-websocket", "version": "9.0.75-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3db3304b-8c78-549d-94fb-194bbe75a24d", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:591c860a-d81a-52fe-90c1-3665e78975be", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d1f73ab3-6bb8-5c1d-9997-9626d0e4074a", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff3f5d6f-b8b5-5f1a-92fb-d1aa2383b4fe", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:09330aad-7fe2-5438-ba02-1a3635461924", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8690155b-a605-5066-bf83-9337137f495d", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8be8cbe8-26fa-5d52-98f6-cd1d85d19f7f", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:019f9f58-e0f1-55f5-8448-51145772235d", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:733bbe4b-fdfa-5d05-96b3-3fe4ead9d6ec", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:caf22557-fba9-5ec9-9a96-f9d76667fe15", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3887f7af-0886-51c5-bf43-b30a241da0cb", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:960046a2-fa6a-5f92-855b-4a27377d825a", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d9237f7-a179-5691-b43e-e679e660b897", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a880ade-50fc-592d-8fa8-5e99115926f4", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7dc938d2-79a0-575f-8dfd-c5d8b4eef36a", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:62cf2a84-1273-539c-981d-b642e91d0d08", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf4fc56a-4fd8-555b-93ac-75506693e3f1", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a0642e1c-1cd0-5261-a05b-7506f7a38fd9", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b60e1fc4-4ac8-5ac2-a7b4-e3ebb027f14b", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dd46b67c-118f-5d56-8450-a296d3d50494", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e6829465-2a8b-59c9-86ad-1646ba6c65bb", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:36f8dc12-984f-55b8-922c-134380fdf41e", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a1f199e-c7e8-513f-95f3-1444902cbb37", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1019573f-7edd-5036-b780-3086e6652f0f", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:05dcedfb-8419-5c8b-9a04-c8c9c10891e1", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fb079964-3671-596d-b0e1-18fdea4fed48", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:964a9b57-cebb-5db2-a360-4c6a017a8482", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:95da8a6f-dd38-52a5-b787-dbf52a234a36", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e1130b5f-c24e-5ba8-876f-058269dd0152", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3fd9b80d-6a20-59be-8112-e2439701d1b7", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:378c343c-cc31-59f8-b899-0808b22caae4", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26094fd4-d4bb-5b37-b3e2-96432b005573", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d5ecfb17-8fba-5c6f-8dcf-8eeeec4d1416", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e72ef6a0-0a51-50fc-8c0d-54833f084518", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:831e31f5-1386-56ee-b7de-6d736da9e1d1", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32d13ab1-36d1-578f-9835-b9cb0508bcae", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b289917b-8e3e-5659-9bec-0a70b60b8b98", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:703051d3-4613-5b2b-9667-709f6dd92487", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69647e5d-078f-59f5-826c-c7e3fff6a80c", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:701aa9d9-562d-5a9b-b123-eef47e7b094b", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bc011458-49fe-5af6-a3be-0f2f89b6c6f1", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3dc4e23d-cb79-5319-9e77-4c4008e95109", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff3f18e8-0a43-5d76-b7fa-e78fc6a8fc46", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6376a23f-5af3-5eb5-9977-3a3903867671", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d30886db-b150-5703-9758-ff1b5b4aa665", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.75-tuxcare.4" } ] }