{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c5b5d791-c639-56f8-ac9c-ab28ea116130", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket", "version": "10.1.18-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f132f948-64b3-55b8-81d1-c23bbf9e7424", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88b4fe1f-b233-5529-bbd9-5374c6d016ce", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae4d81db-4469-5091-8961-446cdaabd310", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a991c18-3581-5d68-a518-e45921d10663", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b556463-f6c3-59c0-b22a-04d2836b86ed", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3680ef4d-4fa7-5a9f-90d0-1c153e426586", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b784521b-9014-5bb2-a04f-0b004a2aa089", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b491e5ae-69f4-5455-9474-2d83478454a3", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:248ae35a-de57-5e49-8354-fc9806a5386f", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:70f1e273-2580-5be3-bcd6-6773baeab09c", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2a69e17c-a65b-5ac6-88e5-1fe39049b3bc", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5da0669b-70be-58cf-a1fd-53e3a7833f4b", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b459723-52c9-5a21-b7f0-29cd8ed24e5e", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:feb5fd08-0a43-58b7-b337-b524ef7ddd23", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3e42d6e-0388-52f7-a287-24b7a067a829", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c8548c1-0dd0-5530-969d-8a5a4871d805", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1d7d8324-7dd1-54f8-8ad0-6bf798ac2cb2", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0a14937-b42e-5b95-a511-fc9fea75bdbc", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04b42315-aeeb-5ad1-9e90-06257d56cca8", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cbc78f3e-b709-5875-a664-d28a08b6aef2", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ddb7cd3-ce05-59b3-a223-86d60e92e178", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89082730-533a-56ab-9195-68245f65c81e", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:775da97a-b9ac-5f2c-bc25-2cc9ab303fc7", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bdf3406a-4f4a-55c2-916f-a6fff6058015", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0870c9a1-45ac-5aa0-bf49-63c7155836b9", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f6b95a6-0363-52d4-a6a0-9150622c2471", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9d2207d3-5cc0-5adf-80ad-bfb973c25320", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d826bdac-86fe-5fc2-85d1-87a99d65168c", "id": "CVE-2026-29145", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29145 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba14cecf-a8b3-58fd-a47e-212434d36e2c", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5aefe5c8-3b74-54be-b459-b9b9b9628b5b", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f01af6c9-158f-5eea-ada8-926aa4367c54", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8a4700a-c942-58e9-b050-99226a9ad423", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.18-tuxcare.3 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.18-tuxcare.3" } ] }