{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d316f6ba-3130-5594-8bc6-e789a33083a8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket", "version": "9.0.50-tuxcare.6", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:54197ebd-a469-569a-8025-1fe8c287481a", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3a134a8e-9fc1-58a8-82bf-691446dd89b4", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6bc272c2-3f5b-5f15-acde-6e1b86595044", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4a02ea63-7b60-5d55-be55-9e26c9cd65c4", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a8c9703c-1360-5d22-9dc8-e6e9a2d727b0", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5719e90f-8406-50c0-966e-cc3ffeb4aa46", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a31a9fe4-9da3-54c5-a34b-5952151295eb", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fe4a6c2a-197f-5ea5-9534-e4594bacb4b2", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9d889bed-8244-5d39-8832-ce8afe9e438d", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6cb29b3d-e2bc-520c-ba07-1333bbdf9b8c", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cdd55b98-dd18-5285-8df2-148a52c63fec", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:62b46fd0-62e1-5e4e-9e77-e83435878e2d", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:dea5aeb8-1c6b-5b90-b257-b1c20572ee51", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4662f1c5-dd99-580b-a14b-09805520d6fd", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ecb814aa-11de-504e-89dd-a11e79edb9fd", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:62deceef-d8f4-507d-b806-9c4f7aa0af32", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f03af68b-2e8c-5a0d-9345-9a90b1e4e45f", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ddbe6fc1-7a18-5efe-a309-9cbd042b6157", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ca1c9d53-700d-5818-b94d-a3c7881870e0", "id": "CVE-2023-46589", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46589 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7a5e3565-69e4-5dfb-b668-674661df8c57", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:54f0f394-7cb8-5853-83fe-94e7e55bc93d", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:45132cb2-5235-54f0-aedf-8076b6119113", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a99947f6-3faa-5173-96dc-4c651f1d4164", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c51aa3ad-fc84-5eb4-9ffc-a46399cda9bc", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7372121c-4c30-5dac-8375-b39d236ba5cf", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4a76a3f7-e443-5ec0-a04e-975f8507bad5", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b5f014f2-caec-51a7-91c6-f7efe4091e73", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:af3f9e74-6eab-57fb-961c-3c0327bf89ef", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cb7101d2-3a49-5ad5-a7c2-c368a2439f95", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0a1a1962-279f-5279-aaec-633b9f637127", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:eda9981e-1576-5ac2-953b-4a2eb6449130", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:04aaa5cd-6259-5c12-895e-6af34a7cdf9a", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:67e3829e-822a-5ef7-9bab-d34bbb1e7361", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bcd471c2-c2f1-5cac-a1b2-c4f4954bd98f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:700a1237-63dc-574a-9672-ddc96eb209c6", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8e1199e3-60b0-51c5-9c1c-7071813a39d5", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9250d90d-9099-5ed3-baad-6b8e8b2791a6", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5a8d6f84-a9bc-5974-a940-a78a02cf9670", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:162a0963-1c99-51de-a8f0-da8069ecbbbe", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:61c31228-565c-5b35-9577-2c61473c6bac", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:67724f1e-5183-58a5-91d2-538e24a2f025", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8ac01161-85dc-552e-a4b9-0a8bcb025787", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:40f61aba-91c6-502b-abbf-1d96e6c8fb6d", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:de5753a3-531a-5cc1-92fd-7c767b74d58c", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:00dec91c-ba77-5a4e-8cf2-6cdb203f06ac", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5159ee43-c75e-5e03-9918-e714922750f1", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:79f4b2df-07f1-51ee-ade9-db25b64a82d1", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:453304bc-3595-59c0-85d6-e45e091fcef7", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a5f07e94-9b26-5e37-a5fe-38a31287a7a2", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3aed0750-a1ee-5426-a08c-963f31f97f1c", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.6 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.6" } ] }