{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9526d07a-50dd-5752-998c-048e05d40826", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket-api", "version": "10.1.18-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a8f908f6-763f-53b3-a614-c0a61b4d4637", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:40915dd2-1cd3-5b95-bacf-8ed532649360", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fa478275-5073-5849-a72b-bd753766d88c", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04472338-afdd-5cf9-a366-5e7e5ba4c0ab", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:868376de-0502-5d73-bbda-c414a3ac7749", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa02de77-e447-59fa-9cd3-99572a505f4f", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4f49f4e9-9b6c-591e-b072-e26644695550", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:695d194c-1a59-5b6c-a97c-3b5dd230cf4b", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8d8bb5e4-f097-5dc5-a2d5-365258a49b2f", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6d2a1ed-0e6c-5d2c-b6f1-7d02c0694bca", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e44ea0a2-36b6-5c21-b5ae-f7404d158161", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fdaec3c1-ca81-56e7-b398-4fbeb6fa21ab", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d2508fa-984f-5e5d-90be-ec14f3a1d41b", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b9afa6c-468c-5e47-a063-3c2295b5811f", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:96de5986-10ee-5086-9d2a-e9fa87cbebbe", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:efa0ff65-e5a1-53ef-8ccf-1d287e7a4c19", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3963eb9c-2bf4-5415-a8fe-a1695c6e24ae", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4e5bcd78-d472-5f97-bc3d-0ecc75ee0df7", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6c95edd-b732-5c39-9019-39830ad02151", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cee4319d-0b22-5f27-b452-2c22ead98617", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:086d207f-0a99-5075-99f7-b48f1c201c5a", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:597cf4ea-1711-5cc4-be9d-6ab1f81ed3fd", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1db5a9a3-9063-53fd-ae82-16741c19526e", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0fc7343f-227a-5269-b573-204ab022b2da", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c82813bd-f73f-538a-a5bd-a19e57f50af3", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:146d6bcd-d89c-5c06-a3a8-dda63fbd4327", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b8fd5fb-a783-5023-a511-db0f2b30820b", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:443bbde5-0b0f-51c9-809e-95979b8849b1", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2bf89b24-766a-584e-8c40-c1459d8b9da5", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fec9f63f-2e00-5bbb-8f42-883462414e6f", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:51d32bbd-4136-5c72-9137-47903f34f303", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:49afefd4-208e-5096-a026-419cf7646b79", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@10.1.18-tuxcare.3" } ] }