{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eff89f1e-523b-567f-952e-c5f47407c666", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-websocket", "version": "9.0.87-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:50e3056d-21cb-5ac7-8751-4a55867a1aab", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f4c37be2-20ef-5fb4-8091-420d6c9c1393", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:edde18d2-150d-5805-bdf4-bb5af7d8fb84", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e4587eb2-40cf-5638-9267-5f1c0a38952e", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6ef6b0e4-ae27-5b8b-a310-8686e4b6a4b1", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:06f93dc3-a672-5f72-858a-74030e925c3a", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cb0b9e95-18ad-5e18-bf38-07a7ea1ae244", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:767ecc10-b6f4-5ad0-ac13-e06270eabb13", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0980f3f3-ca9e-5fc7-8c2a-ff6d4e944757", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:399bf4ec-0935-5ebf-8d44-67afb5c1c672", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:18a8a906-d254-5392-8720-21e0013e1a0c", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e2bf1464-7d68-5320-8564-dbdfc2170571", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a7e23cfc-678d-5334-96c1-6d8b4b7f6dfb", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:22b43a7d-e9c1-5fb7-b09b-c0eff05f5ec3", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:11e72ae4-7c2d-5477-946e-7a3405347cff", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ed0edb29-e307-5bfa-be06-345b9cb89730", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ff01d0ce-c771-5456-b036-b19a0e501d8c", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8d1461a7-48cf-545a-afb9-29e02d9a430d", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c929b0fd-5549-53ad-bb06-23dbb5696b53", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:17c284f1-b466-5972-b220-4226da6f216c", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f8e19ae0-9abd-5b12-95f0-0ffb3c6d8e03", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:46388a50-bbc1-5595-af92-8e8d8d2297ea", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e8872256-a03b-5c44-961b-3fec47bc4689", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b1e23bf8-4b3f-5e4c-a658-790ed889d125", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2c94a94d-fd86-58fa-897d-ac0ce050f845", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ad6aa38f-1288-58ad-83b9-983a3440c841", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d9afaf89-1e8c-50fb-90d1-085db284180f", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b173b933-cfd5-5284-b613-2cea1aff39d9", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f87d9bc5-4296-573f-87a1-77921d6b2331", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:445e98a9-47f0-5f7e-a44f-9812c4f6cd64", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:470f2562-fc85-5931-90cb-9f07b4bdea63", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f0f622f2-582f-5ff6-8915-0fcaad53faee", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f9dffd55-b943-58cc-a7a7-3e17a32de210", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e5b3a6d7-9122-5691-9bd7-a48e41c6592b", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d583f867-2514-5173-af0d-f5ce37c2a3cf", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3c2ce619-705d-5328-83db-c725837b1a23", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:44771cc5-cbb2-57ee-9e40-28b2f03df075", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0db76229-4374-5285-833f-6af652c62c86", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:77b4ef22-7f48-581c-b751-1b3aa2242e0a", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5f6dc819-cd29-5f95-87f7-81242df394b4", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d04229b5-9776-50c0-a90e-47bb23c17432", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.5 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.87-tuxcare.5" } ] }