{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4b93bcd3-c774-512a-9bd5-93561b806f17", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-i18n-zh-CN", "version": "9.0.90-tuxcare.1", "purl": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d4e8512e-49bd-57d4-b7bc-51b037febb54", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbac61d7-46f3-52aa-b6ff-9765c04d38e1", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d901dc4-68fc-53a0-8fd8-6a1b1632e2e4", "id": "CVE-2020-13943", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:07ed6946-8737-5975-b088-a18721769990", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11b34efa-7461-53ff-9bd6-30a5179214f1", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83c09f92-987d-5c3c-8978-9b6d7643017e", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb3408b9-cb1e-5826-a1ae-3c208e35ba26", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b575485-1f5e-5460-9bfa-f2bedc0e05f0", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97dfa3e6-5214-58f2-b62d-041afc1e49bd", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6ffff5c-88eb-5eed-8026-70c2e3cf505a", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a54c3af-9be7-5639-b370-cfc02c0bdead", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94b8b9eb-cbfa-5eab-840b-6734ae97ec12", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf795e39-1623-5b1f-8bf8-1d0c97aeee67", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12579039-778f-5a07-b98a-1bf4961a12df", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ebf2f864-d685-54cd-9a1e-8299ff66385a", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e546d5cc-ba33-5ccb-bac9-1a400a64e5e3", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fccb551c-d662-553b-a814-6fd4f92b6006", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a5e942c-366c-5ace-810a-42539becbd19", "id": "CVE-2025-46701", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46701 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9822243e-7b14-5d7c-acd6-336e43f1d15a", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0bc53a78-ae25-53e9-858b-e3bf2140ea26", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c534b479-e45f-5674-9a06-04d8c7f9e6be", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba32a2cd-bf31-520c-8ebf-99932e4772b8", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e78b9809-c093-5fa8-9b14-86f12abae6a0", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2ec7f92-ddc9-58ba-8445-bef8a11310c4", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed6fbc73-c0ea-5b2b-b708-9059cf53e04d", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec2c82d6-aee5-599b-80cf-f9a4be1402ec", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe45e874-6fa8-5ef2-b9a6-05d2c2f5e510", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06e883e2-9c03-526f-98da-5af469ad7eb2", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ad30cac-13af-5b24-9ffd-ce343145a9f8", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0173141e-6543-5487-b5c7-731883143a15", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5575484e-804c-5e6e-ae72-8feb76b608af", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5929eb29-618f-55e4-9c7a-1d63ed82b856", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08045f11-26c9-57ae-a0b1-45d6f3de1d0a", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d60b2778-5ea4-5141-9b14-05100bcf5ddb", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2f15351-cf86-5dc4-80ae-589de8cd4760", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24011cd5-6581-500b-b8e0-e8d0f57e1c5a", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de4aa5a7-8a84-52e4-8277-bb87bffc1e7e", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85c2475b-dcf4-5ef0-bb9a-c5ac21afb005", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55f257c8-71f0-5370-bdc4-1a9727ff4f0f", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.90-tuxcare.1 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.1" } ] }