{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4b5a3b04-4c10-5048-816a-49708658ed9a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-websocket", "version": "9.0.87-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1184279d-deb0-593a-b742-ae8dc8d29be0", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c06d9c9e-603b-55fd-816e-d64c73a014f8", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fb9a0b58-0299-5d68-96e3-750c01a531a4", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f5ec32ae-687d-55c0-8dd1-a1795a9a3a12", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:110e657f-0291-5a0f-9b18-a2fabef68ecc", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ce068ca0-0650-52ee-b05d-d4e605683fcd", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1afbba10-ed33-5d38-9e32-2ea773cceaac", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69e5b3d6-5934-56d1-baf1-d0f2c68d21bb", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:65b89b1c-6e31-58e6-b08f-0e3a3c88d291", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fbb68010-0128-5faa-9790-8542117c99c4", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b7957597-fa43-5fa5-ac59-fa649198e478", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f2b87178-2a46-5d00-a25e-7688803657a7", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:af7000f6-f4ca-5fba-99fd-28717b7807fd", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9e52e043-4013-58a5-9845-74f10c88a37f", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:14f0a883-9624-5a3f-8513-09f06b3ae918", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:263d18a6-5da3-5b5d-be5e-5b5f83a4277a", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f8a1ee68-861f-5466-b965-b09e70ab00a5", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ffd6708-3172-5316-aac5-e57c2b5f9c6f", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:78d1a946-bc3a-55bf-8b26-7abf5789f9f0", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7bf7b233-6eec-5d95-b99e-e5040da7edef", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:14e8e1a9-22f8-5ee4-8603-fd0cb49f7759", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a6ec1a9c-20f2-5cfd-801b-025ab6ca483c", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07cfaa29-314b-5a7f-80a8-a63a2cf760e2", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:46bba7f6-1f96-5bb8-975d-c02f38df3ff5", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f16b5793-74cd-5e92-974f-4c29c9a2c0ee", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f36f228b-b45e-5ac5-a156-b7f3faddfe0f", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26f0386b-cd71-5c0a-8947-a4c68da95fcc", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0de7fb4f-96aa-52a1-bc55-8e434bb8a750", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0cdf9cb7-7555-5793-a1c8-4e136c683892", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cb4fed12-1866-5d73-9861-9333b579758e", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9f6a815c-816c-584f-8881-fac5973af40c", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:64a8df8b-bec2-50d8-a75c-fb1ddc772f66", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6a36e46c-140a-576b-8e9a-3ef702819653", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7753ad87-3927-51b7-910a-1e8c606487db", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:761eeb1a-d2ba-56e3-b7db-3740c106e50f", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ba329ca7-df5f-5963-acd4-ede8d6413004", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed7a6604-7950-5b68-890c-99abf4ea6562", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:73999aa3-9a0e-5d41-9c66-c6220ee4ed5a", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fc843846-6702-51cf-9d38-961630c5efaa", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c17357b6-5106-5498-be41-3f9dacc8a013", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f5c833ef-1cb7-5bbe-a2b6-475ac7915e07", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.4 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.4" } ] }