{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:66568b9a-4205-5b62-b5f7-2684875f76bd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-i18n-es", "version": "9.0.90-tuxcare.5", "purl": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3ddd89a8-2b8c-550d-97de-3aa37db5a240", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c5da2244-1c3a-5baf-a187-0b5a9da204ba", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ca0bc6dc-1f4f-5145-94c3-a475a9370cb6", "id": "CVE-2020-13943", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b00ea191-ab37-5c87-8ad7-f49a16fc4a28", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ac1593f3-b69f-5643-988c-327bebd18978", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4e7d8e6a-5bac-537c-b67c-49e3f7d54db6", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f5fd1c44-527e-5b34-b932-d56a192fa27f", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:61f50aa6-aa5f-5e4f-ab49-fbdc2e7c3ad9", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b09cbcb7-b1e0-505d-96d8-5f0f8451ff28", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aaaa74c3-f945-5ed6-8605-2be968d849c9", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2acca370-1321-541f-a086-c126865eb26a", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c901658f-1bd8-57b8-ae3a-b4d7f11eb871", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df7d694b-12fe-5ca4-ae7f-74c465039b28", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1aa5d3f4-804c-5f4f-9671-f791c5b1162a", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d719c8d6-455a-5146-98fe-39d7b81c0a86", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:23a61aef-a082-5821-8e34-3e95384ceb67", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f8fb0822-5010-5413-a354-3e389385158c", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d9b815a4-7f98-5b37-996b-b9db2012777e", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0b03769b-21de-5915-9429-d01fd9585a4c", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1e985709-a554-59e5-bb17-974cc55d7e41", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2fd47806-60e2-5245-a7d6-9c955000b1c3", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1939c097-007f-5414-a63b-78dce9722457", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:019a46bb-9899-5290-a41a-e7ba6af08455", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2367d1f2-a4eb-5403-9dbc-05de3891e6de", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:428a5a06-fed9-5e90-971f-b61a999c87e7", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8c60f959-038c-52f8-aa3e-473aae077c1d", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c17fa7f4-038a-54c8-8e49-fef304aaebe0", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:41e563c2-77ba-5442-ba43-470a22eab1e3", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8051ca25-4993-5da5-8258-42a657cded7e", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a7d535bb-1f87-53f4-b39e-6cabad54f155", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9a07fb53-5345-5f93-a1ec-e3989201eeaa", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fc47a9b5-051d-5afe-ab32-4b59cabebdd8", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:33ea8dce-533c-56ce-94cd-ca9e413e0cbe", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fa675568-d1e0-582a-849d-87ef1f613b54", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:42d5b1ac-577b-5097-9ddc-c5585a394d8e", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:47c926a4-3446-525e-90a4-1816eb9a6a44", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bd545cf6-fe7b-59df-ade6-1cddfa38b159", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:748233c1-7413-50bd-add4-0adbb108efe6", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b2a5d1fe-df4f-5f2e-befd-0bb3d97efb28", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.90-tuxcare.5 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.5" } ] }