{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:756cd10e-4058-59fa-9998-e301cebd4709", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6", "type": "library", "group": "org.apache.tomcat.embed", "name": "tomcat-embed-websocket", "version": "9.0.90-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:16a08f2a-b624-5f66-a707-aeb7138617db", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c885a385-d5eb-5038-9af9-9e83016c67e2", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7ed46478-b492-5167-bfec-8b13c663d7ba", "id": "CVE-2020-13943", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:29137122-1a48-5f8b-8c10-928f2d01cea0", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cc9b1540-9e8e-5973-9ab9-899058e845ba", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5152509c-32c5-553c-baaf-05b79a96047b", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:08cd5283-9bad-56d9-9fcc-c0e916cf7bce", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2e1f8d0d-01b2-53e7-a744-559c881ff594", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6a4450b6-3fc0-5b78-9f8d-f95c0d235071", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3d2ff07d-3076-5945-8793-e7fa6f3b5d06", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e682a401-be82-5242-8959-7c8640412fad", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:58f3426c-dd6a-5670-8acb-fa1c88a1edaa", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:09e99b09-147e-5300-8a49-59f5bb3ce3a4", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bd224ad6-1ce2-5eff-a6c9-1d6e68f51ced", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:63f2b50f-9b5e-503d-b35b-7b2c8b7d8fc3", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9fdeac85-9d2a-561f-842f-1205a33f5dac", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b0a0dc46-b1a5-5afc-adb2-1b32b4c4b96d", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:70702723-7ad9-5e91-90be-4eb7efcf7afc", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1d82f14b-b757-55ac-be57-29b4cffe2cad", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a74858ba-1678-5cc5-bdc0-fd4d651d82c8", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:239befdb-a80a-535f-a19d-74b9b2f1fba0", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:77575f54-69d9-5b2a-8e80-049873ff6f77", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e1582df8-1f94-5f6e-b336-08a9e2fd6479", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:17a6f586-e71f-5eda-9f6b-2761d907d004", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:da32211e-7a0f-582e-988e-835a01a1a2e1", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e4cabc7e-3599-5202-b0d3-c518f08e7570", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d11f765c-d4f9-58d4-b357-8e28b9ec8450", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:365b56e4-b201-5e01-9a64-b7b79a151976", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:442b8ae8-0c67-54b6-9ce7-36e35a685b36", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:82182f01-a08d-5ce2-92e1-3cd51ee0f57c", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5b7152ff-efb4-5dd5-98f0-e91b95579a8f", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:46bb9b52-8932-5da5-ab2e-26e51e0a239a", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:839faaf2-b829-56a6-95e4-6c715d1303f5", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d286874e-ec23-5f1c-88c6-ed7ff39905a6", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:81475dad-ca75-5e10-9b6e-c569d1ac7b94", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ab29f70c-c46c-5a99-b21e-46e75fb5af30", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3fa7b495-4764-5eac-beba-59fe9256234e", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a3e7a272-1550-5efb-b66a-091f4f88f91f", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:23fa1beb-d5a0-5982-acd1-b8bc8cc8503f", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.90-tuxcare.6 of org.apache.tomcat.embed:tomcat-embed-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.90-tuxcare.6" } ] }