{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a470225f-d3a6-5d10-ab13-e6d36b55d320", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket", "version": "9.0.87-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:339d6193-be5c-5ab8-8ddd-3e003911aeac", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ccbf2569-3b02-5c98-9a53-3aebacad915c", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:de327c72-f2da-5d25-88e0-0c5618dc7bf6", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bce5686e-69f5-512e-ad8c-c6bfd149ef6a", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fd5d10f0-59a9-546d-a856-da41bbbc95a1", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:811b03c1-c989-557f-899d-4678c7280ed4", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ba6c3f1b-54da-5271-acbc-671bef818868", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dbeedc1e-fd90-5127-bd6c-54512a386ed1", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8dc4b7fb-55a5-5efd-a361-4dcec0888d83", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6b23c6e7-2245-5c95-9ae5-57ea1e10a021", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b56952e6-a431-5673-a395-9461615ba699", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:70b9c769-2a96-5b54-9098-5ef4fd73d23d", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f6fabe8e-ba90-5d92-92e3-a0b2da9c2cc0", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:242482f2-4505-5281-81cb-05d905ad70ea", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:196e908b-1654-5b87-afaf-9168c3b5398a", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9a5092bb-f502-5d6d-b14d-65ba6b9c676c", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef02680b-d50e-568f-8f9a-c7841cc5a855", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:97cc4eca-212a-5ae6-876f-fdb5edb7f5f2", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac529055-1686-5403-accf-d85157d42628", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9a30b40c-447c-502e-8fa5-c426be31326c", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d075bbcb-c83e-5a70-91f6-b7f146049837", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ac3bd90-d5ec-52db-b9ff-0dacbcd795a4", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:17a6fec8-eaf0-57c5-819d-1be419e98929", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:73f6a5bb-a644-5fa3-adc9-84514cca4861", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:749fa096-be4c-5961-9bc3-12d816ba8e2a", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:64731ee2-316b-509a-8aa3-3db0be22d92c", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1d01e0ac-3228-5fa3-9d09-6b9f89b56c85", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d6ea09ef-65aa-5c95-bf43-48a65c8b2b2a", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:18c2a804-7463-5cb9-b5d4-b4e308f1b994", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:01cb5a11-d421-5577-9299-ffb753fcc1e2", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a5c27bc-6ed4-5154-bca9-3dbd249d3f1b", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:379a8211-c3de-5171-b0cc-9feb863e4a47", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25df747e-2428-5c3c-a55d-d5e446c345eb", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:93ea2fa4-d28e-5798-acce-3a50995e5ec6", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c9aecdeb-0215-52aa-83e3-1307d9aa2ef2", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f1389e2c-457f-5172-9aad-139b0b52e917", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d334ab99-2fe5-5b6e-a395-d5389958f918", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:90fe05d2-ebff-5066-a52e-5818adff01dd", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0353d95b-e985-5c1c-b5c3-3b36a83e70d8", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e95002c-19ed-5704-9629-6c36ac35edfa", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:298c24c7-0f5d-53d3-aa3c-b713d6db8416", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.87-tuxcare.4 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.87-tuxcare.4" } ] }