{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2eee161e-4b25-58bb-a5b0-d3724ae15a08", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket-api", "version": "9.0.50-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0dfabcd4-8096-522d-812c-e8f2b8bc2d08", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:65edfc1b-b32f-5faf-b625-7bbd950e08e4", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fed3ce5e-64d8-5b23-8bd0-2f8986952a56", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:59d999ba-bc02-5ee4-ac8b-76f1728f7783", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a7808bb5-8328-5666-ab89-d8b2585b63e2", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a05ee52d-6ef5-5dde-8f53-7eaf0c9a785f", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:faec0e98-2812-5ab7-9af3-f66c09ac0535", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:007aa32e-2fdf-59ac-909f-ee7f1f5737f4", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:79bd65a9-19b4-5585-9365-6dd6f158a1c7", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e182dfa3-deb8-5d1b-928a-6755f5ecedb7", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d8da50a-82a1-5495-88da-a18e0ab2e1b6", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5488498e-b3fc-56d4-b191-b9467da40208", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9c1654df-04e7-521d-9a81-4bd7a557fae1", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ebfafaea-1623-529b-8d7a-29590ca802ea", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:187db000-1355-51d1-8722-22f44293c8c2", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:634772e6-ca00-51e7-86c3-890ee610a165", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b2d821e-bf2f-504d-bc3e-913e6153c201", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0874603d-894b-53a4-9e12-9522f31a655f", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b67ffa6-3ffb-52d7-977e-b4dff7210b2a", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:377a27ef-1d61-516c-a195-7ede3b128f36", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a5ce281b-675e-5e23-b65b-01d893c237c9", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a792932c-afde-5669-a4f5-d7a32fb39536", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4219c8aa-f362-5a46-9cf5-dc8a906e7cef", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:efe5444b-2490-5fda-9c9d-921b31f19f07", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55703500-fe81-52cf-9bd4-a787502d5330", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f74f77c-7b54-5d50-a0e9-4a2ea0494393", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3fd38f55-d6a0-5a31-9cb7-7cff9324f145", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba29d88a-a60c-5280-848b-537763ba95f1", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb0af446-3f49-51d4-96ed-6e35ae8997e6", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e353f468-035f-5414-b9ae-e37b17295de7", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:943b1927-3c8e-5b7e-910e-4d38f494eeae", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a9339e9e-ec29-5e62-8f52-2f693aee90d7", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:512302e7-9be5-58de-a2bf-093ae5b58436", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b09a281-9025-5f77-95d4-c96ca5dcd84e", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16b4d114-d80c-5fc7-a1d7-80822b7456f0", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:781bb6fd-49e6-55c7-974d-d7d98a55dba8", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9c1c62a8-45e4-5751-bcbe-9e703149de7a", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad97868d-42a7-51b3-a3bf-b4a4ec81337c", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:916b0ea1-8cde-524e-bc2a-88aa0b6ca046", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6576a211-2d99-5875-a55b-74c54b891891", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6ae7989-cb13-54c0-a6ad-75f8a58af062", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fd622249-6778-5c14-a9a2-98151b82f93a", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d3f3c314-a74f-5131-b02b-7efccded3d74", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bdb61f60-9631-5e50-822e-c29afa0e5abf", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20845ae3-b173-5359-932a-443f3ea01b13", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e43be8bc-b2ae-5072-a4de-50e8e59e1827", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:295ea471-f4aa-5155-a47f-eae0fac20557", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:887ee895-1286-5deb-9d23-b987dd204102", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:53a33641-d3ab-582e-ab4b-275b22ee6b57", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37cf764d-27af-54e5-b6a5-4dcdff669143", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.3 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.3" } ] }