{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bf0c5083-d495-571d-8cc2-064dc68d7406", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket-api", "version": "10.1.18-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b4e8317f-c259-513d-983b-4d9ef0ce34b5", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af5060d0-a974-529e-aea1-f884ea7805ef", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df8c3dfa-b989-54d4-9bed-ecc89f19a237", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4db26f60-7868-5ec3-88e3-45c456d149cc", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5960e6a-8528-5ee2-b9cb-de4abe13f885", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0177d83c-8617-5549-88a3-a2a40e5fc221", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfadd95f-4313-5a91-a08b-54b287babdef", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65a5c77a-36a2-5c28-9070-2a09e027905f", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91d673dc-29fe-5943-84a5-21283156c1f7", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50d40c3f-4ca8-5836-b210-accad070d703", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4ca070e-6f5d-5c14-95fe-ff1dc24743ec", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b0997a9-1666-5568-af4a-c19d483a6821", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a90c31fe-6d32-50bf-9a45-82d9db587c85", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a23eb0b-d847-5d38-84c3-eb107c6aa873", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a068335-9664-56b1-aec0-ced6178bff1b", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f02326a-956d-55c7-bd0b-53a073e38f82", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71c7c266-fe51-5625-8896-acad7e7c08e3", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eca0e698-dbd3-5b14-a6ca-0b19c7197468", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6159b86f-500b-52d1-b5a6-fc85f3103a89", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:973fd031-b2d6-55b1-9b29-d3a6442224d4", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87dd2aab-6e93-5d60-8ff4-a8c915b49819", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1043cdfe-ca82-5172-9176-3526ba1ce1dc", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da3d9bad-7d6a-5ef0-9f59-d528851e6f21", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e443503-1d00-5485-94a0-c93001bd288d", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5b4b81e-c9c6-512d-b665-0012e6663c93", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71166d6a-bd48-5557-a6da-fe949f76d956", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd4d594d-544b-5b3c-86dc-0d09047e6030", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:538b3560-4e52-5bde-8b42-e5167ba6b86b", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01b52c5c-aa66-53f9-a02b-9c40d4b3338d", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35d04f14-c1e8-5293-931b-029eb8c8f5d1", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51d00cc8-7c59-575a-86a0-193f925d4c17", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f2d7d9e-157d-5d2b-8574-ba7006bec695", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.1" } ] }