{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:72707c0e-79da-5ff1-b776-8afda8c2ddbe", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-i18n-zh-CN", "version": "9.0.90-tuxcare.2", "purl": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:56837f01-f12d-54c4-80d0-11817bba43d2", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b001efb-4762-5f25-9547-0f2d76ae1bc9", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27a64292-dc7a-5a76-86e4-43c86fdcf3a1", "id": "CVE-2020-13943", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e06b5b9f-76a0-5954-a00b-44070755e079", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c82c4a6e-181d-5ab0-bdc6-8c82f30d21e1", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7f3a8d4-d170-57de-86b0-1cb772e5c82a", "id": "CVE-2021-42340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-42340 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bac8837-eb0f-5bd6-a01d-f94220d7a03a", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7968192-85c6-5492-870f-9f24c227cbb6", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0dd0b4e9-5dc7-564d-bf0a-40700e6e2792", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6daea1da-90a6-5b1e-a1d0-874d76168702", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd548716-2892-5ed0-8ea1-65bf55ee5fa1", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8de015e3-3663-509f-a51a-8bb1a4c89dc8", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57395605-cd48-59f7-9b2c-590a39f004c4", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c8b2d85-6193-582d-a102-ec84ec405f0c", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47280bc1-64a0-5c96-bb6b-2d73defdd3fa", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a07453b7-db54-541b-91b0-3995b8278077", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1226b9f7-25c0-5170-b2f2-a62c48b24332", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f85aab8f-d1ec-5a72-9546-deb767f43857", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00e3f2d6-533e-589d-9bb2-f64a4172a6e0", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8abc56af-d5bd-50bc-9538-1ec987a607dc", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19aff1d5-d7dd-5947-a881-35bb193ba0e7", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:013130dc-73a0-5afb-bdcb-14a566e1af7b", "id": "CVE-2025-49125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-49125 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a703ff1-b074-5a1b-b1bb-3bda44700af8", "id": "CVE-2025-52434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-52434 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c27032c7-6f5b-5d99-bf44-331790001041", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23cf5395-2b37-564d-998b-b4fae63e45b1", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aeb55d03-cab8-56ae-a262-048e66118889", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f0ee462-edf2-53a8-9d50-0b14b82b8e3a", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc7cc78c-8cbe-52b4-87ca-72572bbd0131", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bfdb5562-3caa-52d4-a976-4a964993207c", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d14f069-b4a3-5a44-8ee6-d21dbe39590d", "id": "CVE-2025-66614", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66614 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1f9e291-6252-59b3-ae7c-89043226432f", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a892b7ab-dc38-57c7-91d4-953f186d9487", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dfd9c6e6-aaf4-529a-88df-4ed857ad73c8", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbc2fcb7-5d65-5e63-b3b7-89e8d459e82b", "id": "CVE-2026-25854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25854 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc381b38-baeb-5f84-8194-f5fd067357ee", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f20d2b0d-59b6-5d10-9a5b-be199cfc3457", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79cbd1cd-b476-5da7-a659-3910904d9254", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b594ebd-5a07-50a3-9d1b-0a1545080390", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c07876a-8898-5a54-a3b8-fee0d644af7a", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.90-tuxcare.2 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.2" } ] }