{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:960c0b94-72a6-51f4-a56b-82ed09c8c463", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-i18n-pt-BR", "version": "10.1.42-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:96826f89-3292-5145-9c59-620d9a13d211", "id": "CVE-2024-23672", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-23672 does not affect version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR. Tomcat 10.1.42 is not vulnerable because CVE-2024-23672 is fixed in 10.1.19 and affects only 10.1.0-M1 through 10.1.18, and 10.1.42 is later than 10.1.19." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2018ffb-a500-5715-9c08-6857428bf864", "id": "CVE-2024-24549", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-24549 does not affect version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR. 10.1.42 is not vulnerable. The issue is fixed in 10.1.19, and 10.1.42 is later than 10.1.19, so this version already includes the fix." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:186275fb-bb61-5487-a19b-58cbc99d5755", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5648fb1f-1035-5d0a-b547-a3f7e64ca7c0", "id": "CVE-2025-48988", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2025-48988 does not affect version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR. 10.1.42 is the first fixed release in 10.1.x. The fix is already included in 10.1.42." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cafe177a-f19e-52e4-a0b0-7d9aedbd9e38", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb9285a6-1874-58a2-9f5b-729ffd37c08e", "id": "CVE-2025-49125", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2025-49125 does not affect version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR. 10.1.42 is the first fixed release in 10.1.x. The fix is already included in 10.1.42." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5372620c-2a36-57c0-8dd1-c2aa86fa699b", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:efe06997-e497-52a7-99b9-0d16fd66f97d", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd80e06a-6654-59bc-8c0e-97cc6d8ca0d9", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9d0e70e-c030-580f-a7b5-279e35abb634", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f4d75604-01c4-5b4e-b255-17b09d2beb45", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eba40b20-ee68-5b6d-8d76-6d2ccff0e500", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65ba6248-7be9-5d77-bfcb-7edaf6e41a5e", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bcec986c-0497-5535-a41b-c9f2866007eb", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bcb306a2-9d5d-55b6-9fa7-f1accb8994bd", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1a04c10-4b9a-5ac5-9716-31888baceb7f", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df4deda0-3b07-56f7-b095-1f867a81e393", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:924fec70-de6a-5ee2-b373-a8f5d6855dd0", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71349ca4-479e-5db8-bf30-3e7956aab1d5", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4182153e-909c-57e1-8e46-b16296888c8f", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3961311f-479f-5db0-8731-d17e3394420b", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:787d4031-8040-503c-9d1e-0bc922133e12", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 10.1.42-tuxcare.2 of org.apache.tomcat:tomcat-i18n-pt-BR." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@10.1.42-tuxcare.2" } ] }