{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c29a3ec8-fbed-5eb3-b042-af9d8d0a0f5c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat", "version": "8.5.100.tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:97163280-81d7-5f45-9e1c-522c7023e2ac", "id": "CVE-2016-0762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0762 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c4fafbc-23bc-5dda-a4c2-3a95ae2e607d", "id": "CVE-2016-0763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0763 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35b1bbc5-a9d6-5dfe-af5c-cab05e1f2ac5", "id": "CVE-2016-5018", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5018 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1782f249-4524-5583-ac4b-1749643e1032", "id": "CVE-2016-6794", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6794 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a6455ce-2877-5bcf-9012-66d2a1abfaa5", "id": "CVE-2016-6796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6796 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8224b897-9e7c-505f-893b-322e7d49302e", "id": "CVE-2016-6797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6797 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b407afd5-62c7-51c5-9840-88ffdc19571b", "id": "CVE-2016-6816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6816 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78e59c7b-4013-579f-a45c-1cd655ee459b", "id": "CVE-2016-6817", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6817 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c63c8fac-984b-5b02-887f-9964a6bd5d9f", "id": "CVE-2016-8745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8745 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6fcbcaae-6c1b-5cc2-b9ef-fdf0f2647898", "id": "CVE-2016-8747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8747 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21d90b45-408a-50f8-93dc-f5c4f1981131", "id": "CVE-2017-12617", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12617 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ddc5e86b-3830-5a17-bf6c-d1d677b9c09e", "id": "CVE-2017-5647", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5647 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7197900c-77ad-5776-86b1-d4bb3079be6b", "id": "CVE-2017-5648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5648 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:765d82e8-9d9e-501d-b76a-1d8f4420981d", "id": "CVE-2017-5650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5650 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5539bb5-e2ea-5119-bcf4-463ea5dff817", "id": "CVE-2017-5651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5651 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:597a0a38-494b-5118-8630-63699476f5ee", "id": "CVE-2017-5664", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5664 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f483c9dc-8723-598a-bb88-dc59c0a25771", "id": "CVE-2017-7674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7674 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:abdb0fe4-dcbc-5082-a5ea-2b76ba9ad2de", "id": "CVE-2017-7675", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7675 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc878716-6372-57a8-878d-06a9d0293d1d", "id": "CVE-2018-1304", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1304 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ab2415f-4287-58a2-a9f8-1e94e6406e8a", "id": "CVE-2018-1305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1305 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32727c95-a42f-543a-9bc3-ac56af84e440", "id": "CVE-2018-1336", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1336 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b25e857c-0540-5590-841f-b4c8650acc65", "id": "CVE-2018-8014", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8014 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ebabd9b1-0a01-5bdf-93a9-5d61ad149a31", "id": "CVE-2018-8034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8034 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4dd2dbe4-a0c2-5a90-b6d8-5a663a2c244f", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b467190-394b-52cc-aed8-ec581e3210ea", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0825d61-a7b4-5573-958c-ca328ca8df00", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f18e674b-e9b2-560e-96ef-bb032485474a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.tomcat:tomcat 8.5.100.tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0102fcd-d22a-5d80-a4f1-4889c3e3982e", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28ae0d4c-9139-5282-bbb1-f5af54f297bb", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6aa41c4c-9c67-5a02-9def-0ba4d695f7ef", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3609e9c1-bf07-5404-ba95-e72497616d6a", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4a08006-3ed6-5351-9046-8be860235e63", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c93ce63-b3d1-5306-9eaa-76ed2e741186", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:914da1aa-d9da-598a-a2b0-b2129b34ab97", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2951f642-f26e-53fc-afe7-7751621753b3", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:187f2a27-4294-58fc-99d1-18d8e91b32e2", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:86850f12-1bfb-583f-b496-195661bd6336", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:212bb926-eb35-5f61-9cf7-6579de3a272c", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:717829b8-6355-5b68-8d74-2bfa994e7c48", "id": "CVE-2024-52317", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52317 is fixed in version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c23d6ae0-54a3-5181-80fd-d13c806f9aea", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f2cc173-2ee3-5d7f-9135-4cec90c0201e", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd4a212c-4497-5fad-b75f-552cbd6f2abc", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f13a39cb-5863-5772-9a96-c0cb0cff8221", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91e4df36-b5f6-54c8-bc8e-bde9923ed0d8", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb1a4ea1-9a3b-58bc-b5dd-fa7b2bc3d65a", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c58170da-b87d-58bd-ae28-d6bd7d2236a8", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5624c22e-5872-54a9-bf48-97041e9af7cf", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:114d8410-2093-5181-8939-6fbfdb14cce3", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:732ff90e-b167-52e1-ad8f-7ac6ebe2c526", "id": "CVE-2025-52520", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52520 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04429eb2-2087-58c3-968e-f7224534091e", "id": "CVE-2025-53506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-53506 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f1a7a4f-a997-5cd5-a1cf-501fdf868692", "id": "CVE-2025-55668", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55668 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd524929-98d1-52fa-8548-acea0e9ab653", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:929cb9af-ad9a-50ab-99bc-f89bf519a93c", "id": "CVE-2025-55754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55754 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:399ef636-020c-5723-bd1f-4b52c7e9843a", "id": "CVE-2025-61795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-61795 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2370cf18-98da-5547-85f9-2757defd88c5", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1f040f41-ef08-5d3b-8691-586b6947ae47", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5caa532f-038d-5f04-8dcb-70522fbdb2da", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aee26de0-706b-5890-ae77-968f6f2d5f4e", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96b091c1-89fd-5eb8-86b8-b5e8798c7775", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }, { "bom-ref": "urn:uuid:265f0c7c-09f3-5393-8c2d-9484b259e3dc", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 8.5.100.tuxcare.2 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100.tuxcare.2" } ] }