{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8549bca8-84c6-51e1-95f0-6b68c0d0d4db", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat", "version": "8.5.100-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:009fd426-9fb0-5fc6-a0f1-5988852baf7c", "id": "CVE-2016-0762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0762 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7e428c74-72da-5fe2-be28-21db5d85ca97", "id": "CVE-2016-0763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0763 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a3d8805c-cb45-5171-8a1e-1a91c88e4367", "id": "CVE-2016-5018", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5018 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8bc56a7c-0fd0-5a9e-abac-79764fca9369", "id": "CVE-2016-6794", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6794 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8399473c-3f05-5df1-b4cf-3aa88dbe9835", "id": "CVE-2016-6796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6796 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fdf26f5e-a3f8-52e0-abeb-90bcb30fca49", "id": "CVE-2016-6797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6797 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da33fcbd-8d58-5314-9ac5-25d42b4b58e0", "id": "CVE-2016-6816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6816 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:20a81f09-5bdb-56f5-b9ab-b9bd0120f616", "id": "CVE-2016-6817", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6817 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b81d9e2-92b2-5077-8aec-b4daadf0850a", "id": "CVE-2016-8745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8745 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:675fe7bc-83e6-5d31-b75c-d31194b3b65e", "id": "CVE-2016-8747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8747 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:17af647d-adda-5d7d-ac84-033b6616859e", "id": "CVE-2017-12617", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12617 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fa641eb5-04a4-51f1-8f52-a4fa07630ad4", "id": "CVE-2017-5647", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5647 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7fba5a91-5062-5592-a67c-d655eeb912d6", "id": "CVE-2017-5648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5648 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fa86a3a7-af49-501c-8333-92be7875f030", "id": "CVE-2017-5650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5650 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6cd208b1-b97a-5626-bec7-8f5d06608ae4", "id": "CVE-2017-5651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5651 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:315ef341-32d4-55a3-bd0e-e99be57d6cd6", "id": "CVE-2017-5664", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5664 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab348b21-423f-51de-bf9f-b6e34d6ca5c5", "id": "CVE-2017-7674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7674 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6c09e577-5ba5-5bf5-b0b0-d285ea455035", "id": "CVE-2017-7675", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7675 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff88f3ad-4fb7-5d39-8ed4-5f228ca7ee15", "id": "CVE-2018-1304", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1304 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b6e0379-afd7-5362-affc-5c90103ae78e", "id": "CVE-2018-1305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1305 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d71e3c60-461b-5563-a5be-9ce0eecb4aa7", "id": "CVE-2018-1336", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1336 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d5b3d6e-8aca-501f-903b-3b0c20bd3681", "id": "CVE-2018-8014", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8014 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3e47d35-ab26-590a-834d-7c41374025af", "id": "CVE-2018-8034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8034 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4677f57c-aa2c-5ae6-adc9-49b3957208a3", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bc43812c-b268-54cb-9646-07d1e7cad2ac", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:761ce9e2-bd97-5d64-8c33-d46d193b8b84", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ea1ede77-94bb-5db4-a508-565026555c71", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.tomcat:tomcat 8.5.100-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9130f02f-9698-5cc1-8d14-78878729170a", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:028c0d16-5303-5378-b70c-0cc0488c27ea", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6157caf5-5e5e-5350-8f62-74ab6d462bdd", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6949d8db-afbe-572f-874c-bae66e033c31", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:759b3c83-a701-5287-8102-07121340cc97", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c09945fc-ff18-5e32-ad80-9adf2f9b2e33", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fcc7891c-3a8e-5f9b-8ab9-a8cff915fd87", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f0f3282-a671-54a0-a5ed-ce5389503464", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8bc668b6-23a8-5f83-ac6b-08a0d5995476", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9ae7fff4-0438-5826-9288-38a1c8b8c0ff", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b8c95c3e-0f77-509f-a9f5-96af56e47f01", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ca712600-7295-5a42-97b8-cb378d04a8ac", "id": "CVE-2024-52317", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52317 is fixed in version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2985ce50-dae1-5d97-96c5-f1d75df6c936", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:845c3d12-8b75-5036-845a-8741f95c1c31", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25f83603-4c15-5132-aa54-e7a60282660a", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:22147d94-69d4-5f1f-bdf8-c5953b2387e8", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df9e7c9b-c542-5f16-a210-85b0e33e9061", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3304d392-8612-5e9a-8808-4e2612ca8dab", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b9d9bb3-e7b2-5b1e-9157-96920478e722", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:72df4898-4ba7-5504-9260-957f2046cd35", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3a17cc49-9055-50de-9e7f-d8fa5e68a9ff", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fd05aebe-066a-552c-9953-bcec515721fd", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f534b2a6-ea39-557e-ae41-d4c5ec73f929", "id": "CVE-2025-53506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-53506 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d43610ae-23e1-5272-8af0-06b4fc9e7b35", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b42f3c8d-71b1-5dbb-9f4e-f8750f85237c", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0ddf5153-224d-5a0e-a4ce-2983fb40d8f2", "id": "CVE-2025-55754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55754 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ea5fc66d-9479-5abb-b361-049f0607b871", "id": "CVE-2025-61795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-61795 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c4b69690-9b22-5645-815f-0ae2079664cf", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cc6c2233-9603-530d-862b-9a7119bf5b76", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4ad7ee01-f5a8-5ab4-99b2-830df387c914", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f1589459-58da-55aa-903d-85f1f72ec2f9", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:469b6d0a-a48b-5086-b7bd-a6f126cfa320", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f95d08b3-ff97-5b80-bc6f-a036a795f96f", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 8.5.100-tuxcare.4 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.4" } ] }