{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1f6a8aae-0b49-5fea-8b3c-153eefe13233", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket", "version": "10.1.18-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9ee3a304-8cea-5d9b-a53d-9f996bbb44b1", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02adf027-f213-5516-951b-e0fef35a9572", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d2da783-df9e-5744-9a4f-adda52609e4e", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6122c9e-cf9b-553c-a182-c5481be4481b", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77f121f6-ab18-57ba-b786-16eae6d47d02", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25d5850b-3bd8-575d-89d9-f555f226dc99", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c4084b9-3f2c-524d-aea4-bb2ab0269420", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a8f40a4-603d-5e15-aaaa-c4e2d63fb949", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61e2546d-a03e-500b-a522-efbe66e3442a", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae42b3dc-9bbe-5832-a712-5d91eef88136", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52979aa7-dd67-5008-978e-31b921c39b22", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ce1f5c9-1685-52a7-a97c-d6b59d05b131", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7c8756f-9d07-5c0d-9a79-24b1bfbcc697", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b04fba90-e79a-5481-bc74-56c8c52bb01c", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec2002e7-cd4a-5119-95d2-fef93945b233", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:840c0168-a509-5184-a1a0-ca29d4bf6bf2", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2503c43-ca3f-5392-bd76-e47f8d90f9ee", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:def45060-ea5c-51b0-993c-3684e7919d4a", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2298d06-2e22-5d73-80d6-c8c6a9149ca4", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05a8916e-961b-59af-a230-ac7804dac80f", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ee77f0e-d704-5af2-941c-7a39c29cd995", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc41fd13-0f5b-5ccd-bed7-bda11a7b5f19", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3395f70-9a39-57a8-8c03-ec07aede1869", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2db8d9e2-041b-529e-8550-b416a98af768", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ae6ca4c-cb12-5012-8014-149ea6142adf", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa81f061-fb39-5dce-b95f-f5b31bd846d0", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a379c79-16cd-528d-aabc-92d8e3126f45", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:624c9714-f702-5985-aa92-d5b536a05e0a", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a2c496b7-2eb0-5e5a-a533-16a6bd2b2cc5", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:03e71c1f-74c3-5467-8982-c6d43799efa7", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d896fc9e-10e7-5eef-8712-29ec033acfe5", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e0ad3c5-4897-5f49-9f80-f367036306db", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.2" } ] }