{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2a0b3ee9-6a6b-5b53-ba3b-1e6acdd0eecf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket", "version": "10.1.18-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:aad25cbb-4c60-5637-bb6c-d4b3d3f4ec8c", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1cbb1669-060e-584f-9bd1-52f73df36102", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:684311e8-376e-53d1-b3b6-35ab764b6871", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f950be5e-38d2-5c92-95ef-67e03b8ed890", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c813bd2b-3170-5004-a8b0-bcbcf0323090", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1e881e8-0f76-56e5-8017-cb29b43d162b", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3eecc1b-a4db-582d-9213-7451649a66d0", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:544a559f-c8e6-563f-bc5f-a05fcc9cd5c0", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0c32478-843c-5529-9039-c6e4a4bf2271", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b04d9667-5c93-5fc2-9715-558ae7c62e43", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2bed18cb-2c93-5951-b231-493c63aa6cf5", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78990f24-d547-575f-aca3-5c114c226a64", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9dc8b774-e301-58e3-8311-7e1b03a29750", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a5cff62-6a43-5317-936c-f4484c3974e7", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d4447f1-e0c8-52a5-a072-857a5f4f7e15", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f665fee-98ba-53af-b040-e1b6b0d35008", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b48c2424-875b-5664-9d75-589b1e0d5401", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c996c57-2c35-508e-aad2-a48520b6857a", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d819f0dc-efb4-58bf-83b6-86806b10fa23", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f6409cc-42ec-5e79-b9ab-933460b4c7a0", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60da7e15-a30b-5322-a00c-d6c9650f18f9", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1967f5a7-a6f1-5c56-8676-71c79a2a338a", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:efc8f502-e409-5df9-bcd2-ebce972ea953", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ad32136-cfa5-5d30-94d7-f4f0ad794cc6", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2137f4f1-b306-5a7b-8baa-bf536d221bd7", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ededfa0-6878-5e81-b8db-5ab7990fc621", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc5c2a64-f6d4-5163-a3ea-b3de1ebd1bb3", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76155367-a591-548c-b9e0-d7f595bb50d7", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1521a57-b7d6-5a3b-a5e5-94ff6cb360e6", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d6b1451-b3b3-5013-995d-b0256e4fd740", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d3387bb-d457-58fc-a601-e5759c6e3001", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4252206b-8ad0-5328-af0d-ad5865dacfca", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.1" } ] }