{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:56a779df-d0f3-56d0-a04c-33b543ce5960", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-i18n-es", "version": "9.0.90-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7aefbdc3-df17-51e6-8210-de1eebf660df", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d117500-be79-5735-8e3e-a886b7358339", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e0ef30c-128b-5912-8d8c-54179f0ca498", "id": "CVE-2020-13943", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:babe8e01-f268-5a60-b32a-70980d09992d", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:370eb5ae-fed1-5749-a208-9495a13aecc5", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f27e5434-079f-5554-bcfc-712f62a95eb9", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80da0013-964c-5fde-b56b-bc38fbcf79b0", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8ebdd97-2c71-5452-8022-c3942c506fcb", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3024af86-8007-5f0c-8695-7f41be2eaf1d", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1db85cbe-8eab-53d1-884c-7541a5df67e1", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25c4528b-6210-5dbc-a16e-801a5603f172", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2756e26-82d8-59db-895a-33882606b78d", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:106a1608-7629-587a-b11f-2ff2fddc315a", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46359705-33a4-5186-b854-6b9f61836bd9", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2bd87e30-6814-519b-b5b7-61e5f3a9b668", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f28b1489-9de1-5f4f-9a23-730860dc3a51", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8554cfd-5ea6-5dab-8b0b-f37216958f3d", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d14764d7-7c22-5e32-b537-f2db0d0f440b", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4988354f-ab5a-5c24-b416-f1960dd02355", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01620b6a-c7d2-5706-9c44-3b0f03447cd8", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7906ab58-03ef-59cd-a215-8258110f26ef", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a659c61c-643b-53c1-905c-4b12470f4949", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d03b70b-93d7-53ad-a98e-b449be197890", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69101540-7370-504d-9ead-6a54d551372d", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c16ab1ed-9a19-52d1-8eb5-a706fa443748", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0bbc08ff-da66-51a3-86b9-6c37647d4ae2", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb8bcca5-499f-5b3d-a5f3-1a2e78593173", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7747f0fc-ffe9-5276-ba91-013baa5ef3f6", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ac43c40-f1a6-5a87-940f-40f81bc01845", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8288ae69-d432-5f14-bf53-26056cba653f", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5019ace-9eae-5838-b31d-2b495e759fcd", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1d20241-0ac0-5130-a97c-0271dbe82e64", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:030bbdb7-7dbd-5c6d-9ce8-e738e9b304db", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6176ca39-981d-5eef-97ca-372e69a2f781", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81d34980-9c32-5809-9377-447390b43813", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c064b69d-cc54-50e3-9085-bfe90f29028f", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a66f10c-f640-53cf-afb3-7df6f357b843", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00052ffe-9621-5fb6-9e04-22cc7e0e9ac6", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7dec928-22c9-58dd-b798-7e6ce9e4498c", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.1" } ] }