{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4518b27e-f714-51d1-aa12-8f7c6e0f7f88", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket-api", "version": "9.0.50-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:954a3e09-b7ab-5eaa-b6cf-8dc9fd4491c0", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fdc280ae-9831-5695-ad2d-24e4bc29242e", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2382b7ba-0656-5d1e-adf4-64871d2de989", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:67017510-8efb-5372-98b1-e48fab1cf87a", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d3c8f2cb-1491-5c41-8884-62e8336e97c1", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1885d666-5b7d-54ec-87d8-8763c5312c64", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0d28a088-e024-5d6f-a97d-e9cadf598994", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3689d8bf-b25f-55cb-aaf3-284b1424024c", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:376984f3-e8f8-5da7-9250-cc63b9df1ec5", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a2277559-e5fd-5364-b495-6b54a61b4402", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:138ee32a-8bb2-5cca-b635-f2e3e4a7d1a6", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c74df259-2920-53f3-812c-857a3fa2ae6c", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d22bed94-c73a-5b85-8575-2dd06f094e4a", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8f708fcd-a593-5283-8037-a09a758a3d7f", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9079ae3e-1f97-5e31-9d94-d9ce6e09ffad", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7f130ed6-87c0-5f34-ab62-3934703ba3d4", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:637b5815-d4c3-5b7d-8251-0009f79f248a", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:51505057-a67e-53db-81b0-5d746b4d67af", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:853935cb-3293-5034-8436-cbeef7e36382", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:10899ee3-bc24-5bbd-a957-dd0e5b306806", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:94d69510-7d89-5667-90b8-d09d840b41ca", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0d47ea83-5a66-5851-ba14-322c4d15464e", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:19fd1425-5d0a-567e-a592-0348514b42c0", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8fe0ab3a-0593-53e9-8990-ce24856f7355", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:69f36114-cf3d-5fdb-9d0d-82ddbc3a6654", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f093fefd-8302-52c6-89b5-6e8aa9a39e20", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a40417cb-9ad7-5532-a2a4-0efa58d1f6c6", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:14346789-0557-53df-a727-1f47446b401a", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:825b882c-d6d7-5952-b274-4a59c0b99a3b", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fd231f86-885e-5080-8351-8d0bf072de94", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f4c5ca20-bce2-5bd1-bc9a-862c7e09691a", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:89cdba3b-8246-5c4a-ad81-de37a68de304", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b8803c30-f474-5412-b212-61d52e23dc3e", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:01b01b49-44fc-5899-a516-6ffa63b828b9", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:23661fba-7c0e-535d-b039-9212f2e2d57c", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:054f2e72-8f31-54bd-806a-335bc731a1fd", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:066a1340-862e-55f7-8f37-67b58d93f05c", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:75836a4d-a90a-58a7-9c3f-08b3ff26afcf", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:70caa213-0731-5904-a6f3-2c91f9087ed8", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:673053c0-3281-5b05-aea7-b6add8f636e2", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:63e1c498-57bd-5c2b-9dfd-6ef37601b628", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8d1da3b3-5b6a-5157-8108-0d466977f4b9", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ff8a7be5-b5b6-5bd3-ade9-e02ba3c7a0ee", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:924ce090-1cb6-54d2-aeea-2861ffddf7da", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f11d0003-0239-50ba-92f5-697c4259425d", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bf770ffa-8772-53b1-8852-fe692db84757", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8dfe2c8a-a706-5ecf-add2-b701a74520f0", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b4b424ef-e006-56fc-89ca-06616540f1cf", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5115e249-0095-568c-87ec-a1c7b9a73b64", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2cd822fe-cd10-508c-9371-92b6387acfc4", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.5 of org.apache.tomcat:tomcat-websocket-api." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket-api@9.0.50-tuxcare.5" } ] }