{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c9ffd65a-0e08-5b14-8cdf-1a29815c51d3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-i18n-es", "version": "9.0.90-tuxcare.8", "purl": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:59c0f31b-f76f-520e-b699-e263fbe738b9", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:fab6c863-c17f-55a8-b459-e24f43c53725", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0d96cd8d-a1ec-5e69-939c-2387b4d0baee", "id": "CVE-2020-13943", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a96ad100-e573-5a95-a1c6-535a787f906c", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e0a1aeda-546b-50b4-ae06-61366af7e5c8", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:8b86609f-c1a1-5836-a6c1-ce09c443ba32", "id": "CVE-2021-42340", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2021-42340 does not affect version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es. Patches already applied: 31d62426645824bdfe076a0c0eafa904d90b4fb9 (already in target via 80f1438ec4 'Close WebConnection', a37a6d312c 'Fix BZ 68884 - improve handling of large scale WebSocket disconnects')" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:446a2d44-81bd-5fad-a70a-bcdd74ab7be0", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:319eb450-e672-5091-8e7a-58d03d3726e6", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a31e8dce-bb28-5471-a088-66110efea238", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:8465fb87-7d42-590c-a2d1-5b1fffb62fe3", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:44b9b454-9033-5af3-b1b2-b9dd08398a73", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a039ca45-a5b8-574c-a3a8-be3c6e77536e", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:b59f1c87-e892-56bd-91c6-85d125c0e3e2", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:afd41cc1-9630-57bf-9edd-04f6c73b8552", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a2f3aa46-0f2e-547a-a251-49697c03a7b0", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e47eff1c-751a-5b5d-8895-73e531e52d92", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:7fe77900-c86a-5c68-b3ae-11945eb20163", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:cd4a6abf-a1ad-5e87-886b-3c1816cd0653", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c588201c-8da5-542b-a81a-12631714518f", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0b8c9b8b-a64e-517b-8e70-c5e54c8fea66", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:239e93f7-3802-56e7-9355-5a2ecc95cd60", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:046089dc-d12c-51af-b357-15b3ae0dd9d4", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:b2ceec62-8fae-595f-ac66-aa74dd76e7d6", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c3e04fef-a727-5b6f-9996-03b8cf92fece", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:530ed5be-4965-58fa-b849-7351dcac3b75", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:b2810ce6-0550-5e3b-9b94-8e382239b61d", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:facbb7d4-2f3c-56d5-becd-a47d21dc73c6", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0ecc3fe8-55b1-5400-8877-51c467827cf9", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:9e92079a-5152-5005-a910-f4ad61c20a67", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:afb9d8d6-8bf8-5d6f-8521-b9e55f55ee13", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:576d8a66-fd57-58cd-aee0-97f66f65c575", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:35e532b8-4b5b-5441-a7aa-557071e93ada", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:55fb146b-bc29-52b3-953e-488fe67c556a", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c621a15e-b8c0-527e-9f06-6701129152a4", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:ced63752-37c5-5659-8815-f1ad4bba4fa7", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:ac71ad26-a216-5289-8efb-b66893b90af5", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e94289c5-a349-50b2-9d7b-edb7fe2f935d", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:fe26b5cc-2b44-5002-918f-25f8ec6a89cc", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:e8b47913-0700-516e-969d-f7471fee4d5d", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:5eb616cb-b424-515d-ab03-06f56bc16542", "id": "CVE-2026-34487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34487 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:777fa70d-d9f0-58a2-a345-c3488f7da7ea", "id": "CVE-2026-41284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41284 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:b03830e7-a905-5b44-9bc2-cbc7f58e4fc7", "id": "CVE-2026-41293", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41293 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:13484e4d-f8ac-597b-9859-fa70ebba69fb", "id": "CVE-2026-42498", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42498 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:4d39e441-ee07-5c55-9d87-9edaaa9b0a4d", "id": "CVE-2026-43512", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43512 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:5a55bf65-0671-5b69-bb37-b39207abe8bc", "id": "CVE-2026-43513", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43513 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:2f041194-9e80-59bd-994f-fbacd041d02a", "id": "CVE-2026-43514", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43514 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:d18835ed-7203-5f48-9367-201983905136", "id": "CVE-2026-43515", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43515 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-es." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-es@9.0.90-tuxcare.8" } ] }