{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:287f0f94-76ff-5468-84c2-ee51bd2401a2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8", "type": "library", "group": "org.apache.tomcat", "name": "tomcat", "version": "8.5.100-tuxcare.8", "purl": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5018846a-2360-58f0-bd70-4f6a4bf730f3", "id": "CVE-2016-0762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0762 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a154d312-3195-5aa7-b5a8-f6a67969b228", "id": "CVE-2016-0763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0763 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:fc7b3e48-ae5a-51cb-990c-b933ffe82da8", "id": "CVE-2016-5018", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5018 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:b264c81f-f71e-5f99-a2bb-38b5a4badfdc", "id": "CVE-2016-6794", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6794 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:25bd551a-cf17-5b9e-a9c6-f289aaa39be0", "id": "CVE-2016-6796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6796 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0303bd83-79b4-5287-a033-4caa049e4531", "id": "CVE-2016-6797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6797 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6008354e-aaf8-5f41-91f8-ea3cc83ecc6a", "id": "CVE-2016-6816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6816 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:4f6a4e30-103a-50cb-9902-a95802a64772", "id": "CVE-2016-6817", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6817 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:6a5bdb43-728f-56cb-834a-223d69c758ee", "id": "CVE-2016-8745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8745 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:50614c11-1a31-50b9-8858-53f2ab97c52b", "id": "CVE-2016-8747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8747 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0bd62b2a-87fd-5ea3-bf71-e010939cbe07", "id": "CVE-2017-12617", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12617 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:34557d5a-e3ce-5508-961f-20fc1b3be5ae", "id": "CVE-2017-5647", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5647 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:414a76e3-ac61-5afe-8c19-e53f3734429f", "id": "CVE-2017-5648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5648 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:85d748d3-433d-54c6-8245-018a273e22b2", "id": "CVE-2017-5650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5650 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:8c32d700-3346-5c3f-b44f-6b7a3af7b821", "id": "CVE-2017-5651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5651 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:105c2e1d-8f6f-5566-a2fc-f87e0388bb1e", "id": "CVE-2017-5664", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5664 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:25956f2e-6f7b-5045-894f-1e24959b3ff9", "id": "CVE-2017-7674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7674 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c565b062-3ee0-578b-bee9-f402960965e6", "id": "CVE-2017-7675", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7675 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:205fe16d-a2f8-5886-9aa3-f36da6583012", "id": "CVE-2018-1304", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1304 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:02b5f30f-477d-510a-81af-2c2e71ff729d", "id": "CVE-2018-1305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1305 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:48779412-1deb-5baa-9aa0-016a384785ba", "id": "CVE-2018-1336", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1336 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:98893f33-75c3-5d69-ae73-cd7b76596d7c", "id": "CVE-2018-8014", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2018-8014 does not affect version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat. Tomcat Version 8.5.100 is not vulnerable to CVE-2018-8014. Confirmed by manual code inspection and security advisories." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:ac9c1556-07b8-5b57-84fd-e267c77eb14a", "id": "CVE-2018-8034", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2018-8034 does not affect version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat. Tomcat Version 8.5.100 is not vulnerable to CVE-2018-8034. Confirmed by manual code inspection and security advisories." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:9b75d29f-e48c-5b68-840a-bd8753d5c444", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:cf54a55f-7c6c-5c94-af26-6d19f326bf05", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:575af077-3e0c-554f-b36c-e8a435a2199f", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:fd86444a-19a8-5add-9201-aecfed9015f2", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.tomcat:tomcat 8.5.100-tuxcare.8." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:3dcab17c-94dc-5ea9-af3c-d40528d65de7", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:76d88fd9-30f8-58cd-8fb5-47253569a8f1", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:86239cc3-c575-5034-ab22-a8cefb3ffa23", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:2056c136-718e-5b56-a8e2-6a2bd1494293", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c48d6e2f-7cec-5f6a-9df1-08e945a2ed37", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:3e9b5171-24fe-52a9-adeb-65238a2846ac", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:69a0010c-f954-503e-86dc-94c406e6d5a9", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:1fa4f1b5-3210-5a1f-a8e6-1ef00425e333", "id": "CVE-2024-34750", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34750 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:050f1df5-7c0a-5516-a7a9-3076e59cbda0", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:4537837d-2953-5f3d-a196-77b6b51087c6", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e27cd5f4-cfd7-5644-ad36-18565907d855", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:52e1fafe-efba-5d5c-83d9-c70332e79014", "id": "CVE-2024-52317", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52317 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:48e76472-6194-5fa0-ac8a-124b65abe6d4", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:bf1c57b7-1750-5d9e-abc6-e5555f90fb4e", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:eba4b99a-850a-5825-94a5-cf5d91339832", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:22eb9e0d-5b72-56a7-b0dd-610c51feb71d", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:72d2ec1f-18f3-5d3d-8ec9-5bca76322f72", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:4b6420d6-c5bd-5acc-bf43-8713f31ba3d6", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:512faed7-693c-5123-84d7-72c5945874d4", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0e1519f4-084f-56fb-a4af-bafaeb5ece15", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f74383a4-b4f9-5356-b0da-7179e8850ed1", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c260ccde-2de5-5b57-99fc-3c3f764051db", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:69c1d17b-223d-535e-87d6-3882bb1d0260", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e9be73d9-68e5-5272-a611-356bfaa32b9b", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:b036fc95-4092-5dea-89e6-79193099fb00", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:672d7861-cb90-56b2-8573-63d4ab4d0237", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:583b0e42-6f4d-55a6-882e-a06239b0113a", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a29840f9-88c5-5728-8f11-15b25dc8afc6", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:2fa8993e-a17b-5d30-accd-3d0493a5a03e", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:666113c6-46ca-5453-8cfa-0630a82ba977", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:4b3efeef-6d44-5b2e-b59f-fa7334266b7c", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:5da14863-0851-5ce3-ad52-db15dbacef78", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:8048b5db-77ca-517b-b451-8203d46f6a84", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c3f3ea55-0aac-568a-9fc4-fa34fabfd102", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 8.5.100-tuxcare.8 of org.apache.tomcat:tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat@8.5.100-tuxcare.8" } ] }