{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:88102733-8e4d-58b7-ba95-8cb5c82e2b57", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-i18n-cs", "version": "10.1.42-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:30c83d10-8091-5eb7-b0cb-1eb5730c7a84", "id": "CVE-2024-23672", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-23672 does not affect version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs. Tomcat 10.1.42 is not vulnerable because CVE-2024-23672 is fixed in 10.1.19 and affects only 10.1.0-M1 through 10.1.18, and 10.1.42 is later than 10.1.19." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5dc20d85-fe69-50c7-b858-3dbd4a31707f", "id": "CVE-2024-24549", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-24549 does not affect version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs. 10.1.42 is not vulnerable. The issue is fixed in 10.1.19, and 10.1.42 is later than 10.1.19, so this version already includes the fix." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ba4d496-7eba-5778-bd5d-6b4f02af3ef5", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61728212-f802-5b20-9a00-3ce90f473064", "id": "CVE-2025-48988", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2025-48988 does not affect version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs. 10.1.42 is the first fixed release in 10.1.x. The fix is already included in 10.1.42." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a56502f2-3f00-557d-93fe-d7ec66bc90b4", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7af5af5-0fdd-5cb0-8581-906aca28aabf", "id": "CVE-2025-49125", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2025-49125 does not affect version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs. 10.1.42 is the first fixed release in 10.1.x. The fix is already included in 10.1.42." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae96f57e-fe9b-5e09-8066-4495e8591ce8", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99a07e5b-311f-5d9a-ab6f-f6e02b081f13", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68b75576-a6ac-5e34-b439-48a1f16cd928", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff29febf-6fa8-5f46-b9c2-3e82e5c1dfb4", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4fc854cf-a982-55eb-b76d-a7fa4d75ceed", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0ca0243-26b1-5f05-b60d-5f43316c0dde", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:089e182d-f444-54d8-8ce3-074e3b0360f7", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:710f6ee3-8588-5a29-8765-d7755ca0fe73", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5017600-4a04-5b74-8263-5efdda9c7e03", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecb6d582-e8fe-5cb8-850c-2558f3a070bf", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9645d6c-7d77-5caf-93c8-b0fb548066d4", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:640c56ce-f9c7-5a74-aecb-f0c4236e88b0", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18a2ef5a-0baf-56ba-a44c-9bb593467e3b", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1004654c-bc2d-58ff-a7d2-fb3ac60d2a03", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0a11140-e7ac-5ad9-909c-6f856d08d268", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af059c84-c741-5615-b545-6391231a2bbd", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-cs." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-cs@10.1.42-tuxcare.1" } ] }