{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e4fcaf17-c0bb-5b09-9b74-157f6d177656", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-i18n-ru", "version": "10.1.42-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e5cffbb9-bfd4-59b1-9d66-52241efe3d45", "id": "CVE-2024-23672", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-23672 does not affect version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru. Tomcat 10.1.42 is not vulnerable because CVE-2024-23672 is fixed in 10.1.19 and affects only 10.1.0-M1 through 10.1.18, and 10.1.42 is later than 10.1.19." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d6d0c18-e4ca-5e77-acd3-99fea14fd0cd", "id": "CVE-2024-24549", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-24549 does not affect version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru. 10.1.42 is not vulnerable. The issue is fixed in 10.1.19, and 10.1.42 is later than 10.1.19, so this version already includes the fix." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d097240-5996-5a90-aeae-602b0418b92f", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6be91b3f-1243-53c0-b973-e0e321f27a0f", "id": "CVE-2025-48988", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2025-48988 does not affect version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru. 10.1.42 is the first fixed release in 10.1.x. The fix is already included in 10.1.42." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5300cf87-4e2d-5e3b-8b2a-fa9b21090d72", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64df4738-f42f-5788-abaa-a2f1e6572365", "id": "CVE-2025-49125", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2025-49125 does not affect version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru. 10.1.42 is the first fixed release in 10.1.x. The fix is already included in 10.1.42." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf2f0092-48ff-5b05-a935-628c400900cb", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c43f1908-ba22-5844-a4a3-7a81d0c3d432", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b988b893-e613-5894-8a97-c0444fd06455", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33f6c74c-f8fb-5cf9-95d6-6ecdbf361147", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b567d84-c363-5585-a22d-26c9a5816074", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf0b16f4-254e-55b9-80d5-d60a9d05a14c", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84a674b3-f3ee-56cc-b669-8e81396a7fb6", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ccc0d700-05b8-5013-9d09-93cda8d47bfe", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1d16179-2bcb-56c3-9fb7-30b307f67dbb", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5edd1b6-f583-58c1-8aee-c0fbe2b8a99b", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2833a522-2e1b-50bb-8978-71e77fe6c12b", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b1de6da-9e7e-596b-8b87-7e3f5f0a8e53", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:340eb10c-5885-5608-b46b-e0d3f1e48ece", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15e4807c-3d6f-5cbc-aa78-565a5649c0b1", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2df52244-a876-5221-8a23-aa0fd174330e", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d04fd3b9-819a-5a14-a843-da661ecbcacf", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 10.1.42-tuxcare.1 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.1" } ] }