{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:791f31ea-9647-5770-81df-d70a4cde55ed", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-catalina-ha", "version": "7.0.109-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:537f763c-b164-5f39-ada6-2b88e87ab1f9", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d27f195c-8eaa-58d7-807d-e8b137a496da", "id": "CVE-2015-5174", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5174 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:494a4adf-2135-546e-ae4f-6c39c0eddfd3", "id": "CVE-2015-5346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5346 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af738afc-fe00-5883-ab4e-31449c02dfd5", "id": "CVE-2016-0706", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0706 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e5f81e9-4907-5d8a-8340-b8fcd198e869", "id": "CVE-2016-0762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0762 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9faaee71-e3af-57b3-913d-a3f015077060", "id": "CVE-2016-0763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-0763 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad27182e-25ff-50e1-b171-6acd099711a1", "id": "CVE-2016-5018", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5018 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8ebda59-184c-53d6-bb34-0169ecfa89c8", "id": "CVE-2016-6794", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6794 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc03e3d1-5496-532d-814f-d2177f600e1c", "id": "CVE-2016-6796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6796 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1699c913-27e3-524a-9a53-4b40a1d1270c", "id": "CVE-2016-6797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6797 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23e11638-ac83-5be5-aa7a-4fa6d4193ab2", "id": "CVE-2016-6816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6816 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca460b89-21ca-5776-b6a4-7e09743d5dcf", "id": "CVE-2016-6817", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6817 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4e2a645-d27c-5414-a749-6a2f9e145ce8", "id": "CVE-2016-8745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8745 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b52761eb-8f5a-5137-acfe-7add9d3f3a5f", "id": "CVE-2016-8747", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8747 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc209694-8dd5-5ce3-80d7-17052d81a9de", "id": "CVE-2017-12617", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12617 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eaf90cf5-b2f4-5979-b27d-51af862516ed", "id": "CVE-2017-5647", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5647 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:209f6aa3-cc22-5616-87c6-1198cbee137c", "id": "CVE-2017-5648", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5648 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21b12a94-54cd-5c8c-a5d8-d8076ec1df94", "id": "CVE-2017-5650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5650 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d90b874d-71d4-5d3c-96b0-1fc82f6ee059", "id": "CVE-2017-5651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5651 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b57f038a-13dc-57ec-a14c-04c0543e64b1", "id": "CVE-2017-5664", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5664 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b5642ad-8d15-5fc5-8e28-72e9cb96a21a", "id": "CVE-2017-7674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7674 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80bf9a63-419f-5d6b-9626-91e81898dd89", "id": "CVE-2017-7675", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7675 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28af31a2-24d9-518b-a942-a1cdba426f73", "id": "CVE-2018-1304", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1304 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2facf43c-24da-52de-a5a4-b67bc133b054", "id": "CVE-2018-1305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1305 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99d4b221-d32a-5f48-afff-6e43e6dfa9be", "id": "CVE-2018-1336", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1336 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83fb998a-c5cd-5b89-93ad-dde316920822", "id": "CVE-2018-8014", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8014 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0a30c42-f739-5217-87e7-62cd4c705de9", "id": "CVE-2018-8034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8034 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:727cffa0-ead8-5946-bc75-75ef64348ee4", "id": "CVE-2019-12418", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-12418 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97143f15-0f05-5b03-bc10-7101e719eb5a", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5299170c-d5ae-57bd-8db6-43ef0f805055", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ffbe1f84-2bb6-52f4-99b9-9e44035b4a4b", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1000fcc9-94bb-5a85-8b42-f95abe0f707a", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f93a0b6a-f00f-5a19-8cd8-1eb16a3ab381", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64370702-294f-5b44-9c6b-eb51f070ec08", "id": "CVE-2021-30639", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-30639 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:346d9322-8019-511c-86ca-c90846062f66", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1576dafe-35ae-5e37-89f7-3dd511874789", "id": "CVE-2022-23181", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23181 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b09863fa-62cb-572c-8bf5-f6cd2b506e9f", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b239fea-67a5-505c-90d4-0b39e90e0c48", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e31b885-77a6-5f0f-8066-075b6e395527", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33d358b3-32ff-5b1a-99c5-bcb30753b62e", "id": "CVE-2024-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38286 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:903e8a67-9772-5d36-9870-3e1135b7fb30", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:baae0439-09d9-5d23-8502-ac22429cee63", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:146fd12e-43be-5aec-bbaa-cdc7623eb0c4", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0b8539f-3af2-5a64-97fb-08ffa34e2dd5", "id": "CVE-2025-48988", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48988 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f643242-6254-5f3d-be81-c692ee18bedf", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d570cf13-3b2f-5254-9554-663280ebcf04", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f7f0e2f-d0ac-5b2c-ae33-d83b7815f859", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6a169a3-e0c1-5374-b5b7-b9a24b0fa88a", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da6168cc-77b8-5c88-a7dc-bf56a7340f23", "id": "CVE-2026-29145", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-29145 does not affect version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha. The official CVE record (https://www.cve.org/CVERecord?id=CVE-2026-29145) limits the affected versions to Apache Tomcat 9.0.13\u20139.0.115, 10.1.0-M7\u201310.1.52, and 11.0.0-M1\u201311.0.18. Version 7.0.109 is not within any of these ranges" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12cac645-a1dd-5f2d-b775-323b833a8a9a", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d648c360-7036-5bfc-9d50-47fce30aa6d1", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 7.0.109-tuxcare.1 of org.apache.tomcat:tomcat-catalina-ha." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-catalina-ha@7.0.109-tuxcare.1" } ] }