{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7c6aa4d7-375a-5b33-a093-3c905f32c822", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-i18n-ja", "version": "9.0.90-tuxcare.4", "purl": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4a09bc32-84fa-5c76-a60f-caa059863878", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2ae756ba-226d-560d-8bb2-f83a53439ffb", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d7d4e235-65f3-5131-8481-925f5af3d9a6", "id": "CVE-2020-13943", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5eb4fee9-2b8a-56c1-a664-17ec40014bf0", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:30337d03-7180-5dbe-bd23-42c81e54b17b", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:393ba2a6-0929-5644-8b1c-e49526f804b8", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5579fa58-16b3-5759-be6a-f5323d9c643c", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f495d522-87c1-59b3-8161-7cd77850fee2", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec0a13f1-7249-52c0-95c5-a27bb7332690", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf90acc5-54c9-5577-a71c-fdba047e070f", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e7a5cf0d-9739-5c6f-8234-05335d279c3f", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b85a2a85-a5e7-57dd-baa2-a891e6d43eee", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b6d4157-4642-5015-a7d0-517d9dcc5f72", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d4ceb3e7-40d6-5dac-90c2-ac69a72cc56b", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d0f7cde8-2e00-5679-a257-456768ff8440", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c38a9f99-b258-5851-b764-3f3dcb44e7b2", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:84a09659-a883-5cbe-ab25-b4449f2f93f0", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e679ced0-092d-507a-bf18-df9040284699", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3505d90c-6604-5fa6-8f26-4a4e53c9ad8c", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:90306491-1269-5cad-973a-a80e095d0591", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a7e6429-a8eb-5db2-80ec-47a51095002f", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c098ba52-3898-51a7-8601-e6b4d20af959", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c6ceebd-5473-551d-a03f-149ed9796a80", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dcb2c558-6e85-5cc3-abe3-4091bf634637", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:29782e78-1c7b-561d-a97f-707cca9579b0", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:072219b4-2e2f-5a99-bb6b-8d58bd35d3e3", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b926de3-f064-5bd9-aac5-8e12c7acc078", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:24c95f3c-dd48-5794-a2e2-e0fb153a186e", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a59eb14-34fb-55c7-b7f3-a56f6edcec24", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b21a410a-8390-5064-bfc4-1d16f6fbb061", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d46425aa-50d1-564a-a2fd-53cf9f2ba055", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:98495fca-c591-5789-923a-0d5f0a9a6337", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b2f06ab-a6ca-5847-a6d2-99fb02ed6ec3", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1a2cc888-3406-5663-9213-4c23cf4c92ff", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1551e536-b5f6-5856-be44-446083aab237", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e779c7b8-d66f-506d-8301-fba29a199575", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:36f3cac8-e571-548e-8438-2611f8b202b1", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:20d20e46-de9c-5d8a-9e64-ffdb1a80dd38", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:50673a2a-7234-54d7-b590-f81d3bcd760f", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.90-tuxcare.4 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.4" } ] }