{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:35f10c3e-f5d6-5457-9d52-98049f87291e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket-api", "version": "9.0.50-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2c2a55f9-d918-510e-8988-29c56feda536", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ace42da8-2761-553b-b6ab-6a4b4c6d5eb2", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b334afd-7f6c-5b80-b1d9-46175013f353", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c41a6dd2-f617-5b19-af06-1419d4eec10a", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6fa59ea7-118d-59f9-85f9-9f5640a8f69f", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4bcba0f-4d2d-5439-8060-41f93d6619a0", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d1bbd15-119d-54fb-a2fe-5fb0cf903de5", "id": "CVE-2021-43980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43980 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6243c76-3b69-5edc-8e79-063d3d5930ce", "id": "CVE-2022-23181", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23181 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e026a6c2-be8b-5a8e-ac19-026a2eeac0e5", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b7187c7-b51a-55de-9d23-c37cfd2bc333", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4c97fa2-c26c-5a43-a7f7-acd422d47a4d", "id": "CVE-2022-42252", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-42252 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab33dc25-e296-561a-a473-711bd2a4d879", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:169edda1-ec87-5705-87d4-b3565a07850e", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6087c76c-0219-5b4b-8521-c395c1d30a82", "id": "CVE-2023-28708", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-28708 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30fbc90f-7915-5881-ac78-c33ecc281200", "id": "CVE-2023-41080", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41080 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b92ebd4-0ac5-5756-ad9a-2fd4f5229fc4", "id": "CVE-2023-42795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-42795 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0894c397-6a56-5ed3-87ff-f45cd036e657", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63f74820-36d3-52df-972d-a6ab3a585514", "id": "CVE-2023-45648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-45648 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:029216c7-26dc-5b39-a961-1d356df4d8b4", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83777f90-8721-5395-a58c-5a2befd7ec53", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:118b4e81-7529-5d17-a48a-255132dc6fa6", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30627282-e6ab-5548-b320-576d9690b5c7", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae60c027-7177-58ad-9c9d-37008eca75e7", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f1862fb-eb46-5cc0-a619-460509a140c2", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2f71fe7-797a-520e-bb1e-b1ce2a412e6d", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14221683-00db-51e9-989e-bba807f143d8", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39374fd1-2819-5b16-a975-db14572ceac7", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a58a52a5-dd89-5af1-912f-a991af6423e2", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c457f5d9-008b-59c1-aa13-914ed82970a6", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:956facf9-ad47-56af-b23c-fc0d5cc940b0", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49b62b77-7aef-530c-a46c-dcf0eb8f0ac2", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68911e11-35db-5063-aa78-ba941266411e", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45cc37fd-ac66-52da-8932-6a3aef167da8", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79b412b7-ba9e-5bd8-acc0-261471689149", "id": "CVE-2025-49124", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49124 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76fbf926-4cb2-59cb-af3f-0ed495ff8b5a", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3da6a70-6e54-5f2b-8fed-432053609a5c", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:418b5d18-0938-5471-b4c1-3a0eaae67c9a", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97184a4a-a565-5b71-8367-ebec4995c547", "id": "CVE-2025-53506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-53506 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30b6c152-ae93-5ef3-b4cb-dacd568718c9", "id": "CVE-2025-55668", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55668 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74a2c8af-0c75-5b15-b2f1-38aa7d37fb04", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7cb3ed8e-ccde-5c50-9279-86b38860f6d1", "id": "CVE-2025-55754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55754 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58f03a15-5656-5f23-a1d6-d6491605c8c3", "id": "CVE-2025-61795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-61795 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49ec55ab-b3a6-552b-8d22-81523e72c6b7", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39ff6f81-5aec-58a3-9696-4716edbe7450", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2e90cfb-6387-5e3f-a505-87abb35242eb", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0e414b6-b453-572b-befb-5e4d8fed3feb", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c194149e-8d1f-54d7-b737-0462454d5ece", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f50df5b-4659-5ca0-94a1-e056a404ae72", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16c6515b-6223-567c-a0e5-74aca7290e75", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:735d0283-90ee-57e1-9707-aaf6641f3b84", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.1 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.1" } ] }