{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7019c1f8-2825-5820-ae42-538b446275f9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina", "version": "8.5.100-tuxcare.8", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:273713b3-f0ff-5dbe-8107-cc425d8f0fc5", "id": "CVE-2016-0762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0762 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:037315b7-9fd9-5748-ba9b-ef4d6f5ababb", "id": "CVE-2016-0763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0763 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:7ad80db5-1448-58a4-85ef-b155453917fb", "id": "CVE-2016-5018", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5018 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:01147d89-ab38-5ec6-944f-5ece80f05d52", "id": "CVE-2016-6794", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6794 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:7522d684-938d-59f6-82ef-56393f628b9b", "id": "CVE-2016-6796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6796 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:080892cd-20f5-5d19-877f-13951b2a868e", "id": "CVE-2016-6797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6797 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:85dddf49-4dc3-5099-ace5-921b66591d94", "id": "CVE-2016-6816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6816 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:81691af8-8a8d-558f-8b1f-083fab2ddfa1", "id": "CVE-2016-6817", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6817 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:5152bbcd-8ea1-5277-907e-3d27c1f3281f", "id": "CVE-2016-8745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8745 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:759dbb82-0d09-523a-b4ce-8ea447996a28", "id": "CVE-2016-8747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8747 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:59563c95-34d4-5aec-864c-7a4bf1e6fdcf", "id": "CVE-2017-12617", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12617 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:fabc0240-f750-57fc-b493-50ba3e8bce66", "id": "CVE-2017-5647", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5647 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:8e15eaac-9f6c-5927-9ce0-1ddad98deb87", "id": "CVE-2017-5648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5648 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:ff613703-4d43-5a22-9e6f-2184059dca65", "id": "CVE-2017-5650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5650 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0c3e2daa-9020-59a0-a569-2ee59d935391", "id": "CVE-2017-5651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5651 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c67ff995-cd04-50d5-820c-0d2975c2dc27", "id": "CVE-2017-5664", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5664 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:cdb11520-1a31-53dd-abb8-adeced3a9fba", "id": "CVE-2017-7674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7674 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:32b653b5-424c-5244-895d-4b5674d576ea", "id": "CVE-2017-7675", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7675 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:11eb5433-6b3f-50d0-b9b1-1189454fda72", "id": "CVE-2018-1304", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1304 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:17cd7712-9b0e-576c-bba0-155d9597775b", "id": "CVE-2018-1305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1305 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:9d7a7023-b601-5789-bf22-c2115091c64e", "id": "CVE-2018-1336", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1336 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:356eba72-3205-58e6-83c3-d9ba5afe8d31", "id": "CVE-2018-8014", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2018-8014 does not affect version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina. Tomcat Version 8.5.100 is not vulnerable to CVE-2018-8014. Confirmed by manual code inspection and security advisories." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:45b58a04-0642-5ebd-9305-670dc47e1b68", "id": "CVE-2018-8034", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2018-8034 does not affect version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina. Tomcat Version 8.5.100 is not vulnerable to CVE-2018-8034. Confirmed by manual code inspection and security advisories." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:4782b2df-d8ac-58b6-8b48-2050744edcca", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:7c25dc95-3575-5007-bd27-4953161c6bca", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f647ae9d-e348-5034-8427-0a2d61888f55", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:357a67bc-4fe6-5a9d-9c42-add4023cb83b", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.tomcat:tomcat-catalina 8.5.100-tuxcare.8." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:287e8c0c-16cf-5909-9a20-55dbfad3ef7b", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6b4481e1-aba2-5ba9-99ec-86c64e998f59", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:77964528-f44d-5896-bf96-1992d22fe1a7", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e47354dd-e3e7-5722-bb43-db11eed6479e", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:b3497afe-6f21-5106-9c9b-dfd1dc0d9bae", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:2261f3cd-9bf3-5fa8-aa37-76026701478a", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:b116330a-3d7c-5bb5-9fbd-e7944bf80fcf", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:8daee608-9ec5-581e-a18b-06299d6e1a77", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f3803c42-d216-5369-bdb9-20f9d44d58c0", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:bba9f0d1-6257-5c6b-b9a6-ceedf1a2a5f3", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:12b98cfa-d042-5438-9500-3ee49be725de", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:aa21cfe5-3aed-5cfe-a739-70880e90091a", "id": "CVE-2024-52317", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52317 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:cb9ce8f3-b1c8-5d34-81c4-ccdc54ba714c", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:5cc490b9-054b-557b-8271-5f87fdbfccc8", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:3b1daf95-ba79-53d1-b2cb-fd2d2b14f11d", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:4595bfcd-8fc7-562c-85ba-d126ad81fbde", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:5f519ffe-2cb1-53c6-ac1b-1c061c611d92", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a334301e-f267-5b48-ae22-c6153c1ad395", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:5060c9b0-989a-52ca-a096-b90a3e6348e7", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0af5a2e9-1121-5aeb-a971-e2d6b6bc43b9", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0222eadd-1501-5905-a701-f10b90410e1d", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:06ab8fba-b209-530b-badd-64c0ab7cba4c", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:86825f50-14e7-5662-9693-1a1ea072f94e", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:fcbdb4f2-3f6f-51f4-a8d1-ecaf645bf0bf", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:434a4a7e-8d11-51c1-a5e0-9c00bdf51350", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a989ab8f-4d1e-537d-8376-c4f2d9daae3c", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:7763c8bb-ef05-541e-86f4-97c730278c0b", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f705508b-145d-5711-89cd-a73aae1dabb8", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:781df12a-078a-52c6-85d6-e34156e9b533", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:3b5203a4-8723-51b2-bbf4-b78d3af3f225", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:51914cd8-0978-5926-91e3-06f3ff99b825", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:2c9d0e50-e70d-5ecc-97f9-cf41d7125c41", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c951e2ed-2f90-5f6c-9b8c-7e7ccc1b3610", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:9fe55b3b-3f52-53f6-9e9e-305fdc614397", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat-catalina." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina@8.5.100-tuxcare.8" } ] }