{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:35a9558e-9b47-56ce-b476-d2d9230c3357", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket", "version": "9.0.50-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3c58aa64-32ce-5b3b-aa3e-a4286a4d73b8", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b40f8f7f-c34e-5f82-ac30-80c887d38668", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e3ba2d7e-30db-5174-b645-0b44b2b8fcc8", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a332ae1-f45b-57ed-acba-bfc318773605", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b1751c0-d12d-5d5d-8085-7ff1d653c67a", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:baecc09d-a0a9-58ae-8e48-f17103be25a4", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:61839be4-14ea-5eef-b62f-29227d0f0d5f", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:168c39d1-3238-5317-986b-2fdc656dcd6f", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:efe2010f-2f34-546c-9bf4-39d6aeb45d4b", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:191e3d2e-dd8d-5d74-af41-37391febf9f7", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:709ca1c2-294a-5897-b435-b30cbaab3d29", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2755b401-1ea9-5eb5-befe-64b46d128661", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8de63f32-0141-5e41-aa81-35a4605a62d9", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:be4a397d-95af-5df6-902e-0cfb1cfd868a", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf9df7ac-380b-5e3a-8a23-4286df5a0896", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c016d54a-6158-51c0-b0ce-5025b65102cb", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dd8f464d-05a2-5804-846c-09801347bd89", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ff8164b-2120-54b9-974e-9b278f5888c3", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f882117-ec70-50a1-a303-52c6eec40d7d", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0f536498-a4a1-5224-989b-b10535db4bb3", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d089a360-4707-5f64-b025-7b87b6c2a15c", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9f252bc9-076d-5dc4-adf2-6773e37ccd55", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8fd0fa66-1f70-5b0a-ad2f-ea8eecdb15e6", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c091be85-dafc-55c0-9d1a-d561eb0e8986", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f08c9ee4-6eb3-5dcb-8357-0102da5a8e3f", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37388b96-6fba-5e12-a05a-c65af5b512e3", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2303095f-2c7a-5c56-a005-6284fad8bc70", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:27cf84dd-1f13-54d4-a8c4-b581d8ce75c9", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9927a56-6faa-5a5a-b2bd-18f4787543fb", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1f619613-a39f-5ed6-ba1b-6e0f7d740978", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d8255f3-7db6-56bb-bbf2-ab7cd4556556", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:af62f608-a90a-5c54-8836-db946224b198", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b46dd9e8-66d3-5ed1-8b25-fd953b6986b3", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:05ef4346-9c25-5d2e-8133-04990450c0a4", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7c52a924-ffef-5cbc-a4ac-881f883191ef", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0832bdd-4e4b-52c4-92a5-d187a87f9017", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a4019e3d-baa1-55af-a4bc-472740fe8c39", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:56cf416a-009e-5e1a-bc7b-88ca828dccdf", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:763203c0-c034-5d92-ac10-bfda5fb4eb4f", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9c47897-3027-5716-899d-b6aba413dfa4", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dbe04ccd-edd6-5dbc-a944-ce9bae2f3434", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f3be4ac7-c7ee-5634-ba9c-345ad5bc0c4b", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f9e88ada-98f3-5e91-9807-a0463d7319aa", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cca5cc86-7f6a-57e1-b813-704e7e1e54de", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5fece704-124f-59cb-893b-b7c1998bb0fe", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:35a3cd94-a846-5207-bfbe-ae710295e9f5", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:428f97f5-df09-59a1-ab3f-895e6615508f", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4f906476-e869-5f32-85a5-b1a7c47e239a", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ce9feebe-792d-5dde-8d55-9a0bab00e55d", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9fdfb452-b142-543c-8734-880c1705affb", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.4" } ] }