{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b3117b9a-8d07-56c7-a63b-e68f36a05de7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket", "version": "9.0.87-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bfb42286-6551-5302-88eb-ae07886a5e94", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d399e642-5162-5754-9047-26a51a047600", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96f8413e-eac4-5f1a-ba19-e3305ccf8e4a", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a67700bf-32cf-5e61-98f5-aa988326da07", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12fb9919-75f2-5d76-991e-9ee25091f9cc", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a970a76e-9ad2-5f0d-b71b-55bf0932e828", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb6d3a0b-5e2a-55a4-b06b-f822f68e5872", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7405e340-5857-54a8-a7a6-9534a7bed43e", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb2d162a-6e08-5f22-b8b3-2f280fda43b5", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53ceb213-ea83-5dfa-9f38-f4f8167abd2e", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7efaa95-8c48-53a7-b422-822753a5fc7a", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb3429c1-d982-5f4e-b07a-4fa4a485708b", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:908f010a-06db-5734-972b-45ea339e9759", "id": "CVE-2024-50379", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-50379 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f4e6fba-33e7-51a6-a6c4-383a110c8027", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:143f5903-de08-56e0-b093-512391b2da1b", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3cffeeb4-15bc-5cf6-827a-5365bec0e5b1", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d5062a3-13fa-5d8f-8514-4956d0e58287", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7580f3fe-ae2c-59c0-89b2-8b5aae6f99eb", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6da70e05-be80-532a-81f5-a2a5f272357b", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da9244d3-9b49-5648-aa76-ff53e9c4d7b5", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a238e9f-b71e-5ba5-9e6e-4a696cb90378", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94594a80-1169-5d29-9a25-b4486c5ceb94", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd19c063-fb1b-55e5-972c-928753e8896d", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28e4efcf-55af-5185-97c2-f606b9b12370", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8aca3cb7-fdaa-5f1d-bc15-5bd2b2707a6b", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5905b76c-cda5-5ca3-8b44-572196fddc27", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:888707a9-ca92-5d2b-9b9a-4de0cd31ced8", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf09af63-90bd-5975-b4b7-5a1e7cdde6df", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e3bf4cf-c4b0-5b16-b46a-a6bafb0867d1", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7560e18-3e79-55f3-bb13-4c3c3e9843d5", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6adeaf16-4b68-577a-a30c-bf1f0a5fd1a9", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68de39ff-bb0a-5db4-afee-ddbfb53d78fb", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60080a28-6d5c-5b9f-8df5-c0a36b788091", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0664aa73-68e3-5c9d-b3ed-4d95b55b95d4", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80810304-61b9-5661-87fe-f610ab4ad594", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:022ca21a-e87c-5fe4-879a-c1e3f8e1759c", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20e6f24e-1a13-50ec-a709-8fec25beba3d", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:720bbaaa-6c7d-53fe-8439-2797d8ff6824", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9652d8a-c831-5aa3-862d-e0757ca03c41", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66fedae4-b6c7-5814-b572-a9005d88868e", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6b6dc62-ce60-55ff-8a03-c1c9c6c009c2", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.1 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.1" } ] }