{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:256df9d8-e002-57d8-8368-af8a10c8a38d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket", "version": "9.0.75-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9262183d-251f-5034-a781-ee7c13bcb835", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aff7583a-6f01-5dbf-8477-9f3ff4502a84", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62ccb55a-8008-533a-a748-686d35a130a4", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9988fff9-3d39-5b7f-afa7-7b7a8130730b", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f119159-a84d-5298-8106-b400b1cafcda", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ecda5e45-8064-5c39-8bf7-c34a9685119f", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d73bc5cf-73a3-56db-8548-f7f48b05c70b", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd3269b0-7e3d-50df-ba30-88945600e007", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4d4a549-ab80-5d87-9a8d-2bcfac1ec902", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91eeea20-55ef-50ca-b461-76ed0ee0cdd4", "id": "CVE-2023-42794", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42794 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6900c706-1fdf-56ea-a108-100a4c3cbcf0", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:131a9673-2beb-584b-b8fc-6afafa7763a7", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff92c7ab-9c3d-53ec-b61f-c01737294ab5", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1bfa24b7-40ff-58fc-bb55-5726d0fc2501", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57e4242d-eb3f-5221-a31e-2407752167b6", "id": "CVE-2024-23672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23672 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a2219fb-cf6f-5da8-a002-0c805073de1a", "id": "CVE-2024-24549", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-24549 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce23c8d8-2e9e-52c3-acf2-ea7f77235543", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd5fcb1f-5827-5bd5-88fa-2c084c3a24c3", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e38f1120-0286-5582-ad19-3aabe9adbc39", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a3ff2d0-a2b8-5413-807f-ec50f271ca3f", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88d038ac-97de-5500-a098-5e7dfbbe4482", "id": "CVE-2024-54677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-54677 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c41405b9-5ea9-50a5-8926-b2afcf4a8ff4", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ead3df3-427d-56d9-9bc4-6203bd15879b", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad8d981f-4f1e-51d5-85db-2046506bc70e", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51387816-31af-5d21-a396-be11dacea647", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:56703f90-1f81-5b40-8c6d-4d6c27bceaee", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:402e010c-87f9-5bde-a295-148ed610c2fd", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6512fc9e-1412-50ab-a410-135e021473bb", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b7a9e8b-676f-51a4-86ef-896eb30f3f3a", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:421358d6-f0ab-5165-9fb6-064873de14d6", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c9882dd-9186-59ac-a9e2-b294702df97a", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c6fa16e-ed05-59ca-927e-220b84f863b7", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20ced522-70fe-5956-a785-afde30e024ed", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1894494-b632-5394-870e-c0d9af4c9fb8", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ea655a7-0840-585d-82ff-fd566ab5260c", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2bf6a66a-bcc5-5891-b54c-71fb975f5597", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f28b6f2f-6a76-5947-9d4f-41579da1f666", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:955760e0-b46a-520c-9745-63b95a580256", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76b68f38-5b9a-5e25-b4eb-7f6c0ff37073", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:30a7a1b8-2ef6-5703-bc53-74693ac009dc", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f117ced-c256-5996-bac4-adc67422bbba", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22f78c11-a76c-588b-ab60-b1ae0a483a08", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3cfe288-b387-50ab-a4e8-1271ce4960ae", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8425a12b-dae7-58ee-a348-021e0f230c2b", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85842d2c-5e41-5a5e-96d6-b6368f3de9b9", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.75-tuxcare.2 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.75-tuxcare.2" } ] }