{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ee825396-2c1c-5281-9910-49401ddb7355", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-i18n-ja", "version": "9.0.90-tuxcare.8", "purl": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4e6d0847-308c-588d-b9dd-c87e3923a8df", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:99a738d5-85d3-54e6-9c7f-49eeb3119973", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:b4ef324e-734c-547e-9af9-e8b34a672dd8", "id": "CVE-2020-13943", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f11f6578-b8e8-54a9-b601-e404c2df1dbd", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:7861adf0-7cdd-5348-8f34-65a6217af79d", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:9a3343fa-caa8-5bbe-9b22-73740f0527eb", "id": "CVE-2021-42340", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2021-42340 does not affect version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja. Patches already applied: 31d62426645824bdfe076a0c0eafa904d90b4fb9 (already in target via 80f1438ec4 'Close WebConnection', a37a6d312c 'Fix BZ 68884 - improve handling of large scale WebSocket disconnects')" }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:18627739-788a-5906-934c-a68ee009259a", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:39ca1afd-4b5d-5b95-bbf2-4c811ee837e7", "id": "CVE-2022-45143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:ed26cb4e-ef9a-5c4b-8bd5-9dc126a314ae", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:cc359bfa-b103-5f78-ae02-822220815e71", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a12de323-d91b-51b3-be42-f320825e53c5", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:81cccd28-885e-58de-9038-3237d02c491e", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f2f5de7c-3877-5e78-9213-0475e9db5373", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:c361e96d-412e-5a61-8573-a49494f13a64", "id": "CVE-2024-56337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:3cffdcdd-a52a-53f8-ba1e-8cce330dc9da", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:bede4555-9a31-59af-897a-fd0e38f0e9e1", "id": "CVE-2025-31650", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:b549e6f9-3177-5cf5-86d6-6a26bbc9bc46", "id": "CVE-2025-31651", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:65d0beb5-3ad8-547c-b0d1-d4ee5f8eca0c", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:7b1acdb8-9205-5021-ad12-9cfc8f046db9", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:5fc7460f-57a1-5de0-999a-e40812d421aa", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:721786eb-ae76-52c1-99a3-db0c8a10c581", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:79cab5da-a2af-564e-a21c-e58fe8496ec2", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:cc941eb6-eca1-5bf7-89ee-1f2005887360", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f87d1b88-8daf-58ca-af60-551d7fe809cb", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:87fb7cb8-be08-5caa-9009-65c33336f5b0", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:be0cfa44-ab04-5e05-ad7a-71fc3f63bcfd", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:0aeb2649-3211-5f85-8c46-0f4e095f188a", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:643f841d-e3fd-5638-a710-e5cb03380321", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:549bc3b5-672f-5c2b-9aff-fb0c7f403658", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:65c253f8-241b-5b14-b089-719be2e346d6", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:f302f38a-6353-5607-a214-8e0925ccd665", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a6cf0b93-9196-5863-abf4-121ab03bd437", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:ce82cba6-76d1-5b14-82f1-057fb0f7c614", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:8dddd1bf-9a0c-52de-bde5-5eb6f36b60a4", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:7c19b2fe-d523-5013-a5d7-76a4897c8860", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:d0f04fe6-2eab-5142-b2c8-22ce9a1d4a32", "id": "CVE-2026-29146", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:bba79a78-0c2f-57a4-abb9-f02957cdabb6", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:b65435ca-9b7d-5bfb-a294-90e3501d10e6", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:9b675e56-9175-59b6-9840-73b1f3275cf1", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:bd02ab2e-644b-5165-9faf-07a8620d3719", "id": "CVE-2026-34487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34487 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:1c88405e-bb6c-5b3e-bd15-54866de6660c", "id": "CVE-2026-41284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41284 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:a2824598-065d-5642-b751-5a61c412d10a", "id": "CVE-2026-41293", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41293 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:910f3fd9-0ac7-5d00-b3c4-128bff69c717", "id": "CVE-2026-42498", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42498 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:125cdcc7-30eb-58b8-9f05-7a326276e668", "id": "CVE-2026-43512", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43512 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:d369e175-ae5a-53fb-9060-321bb518f01c", "id": "CVE-2026-43513", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43513 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:9e5f6969-ec48-5240-8eca-f59d9724211e", "id": "CVE-2026-43514", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43514 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }, { "bom-ref": "urn:uuid:2a0dc4a0-3918-57ea-82ed-b867f6ed1297", "id": "CVE-2026-43515", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-43515 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-ja." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ja@9.0.90-tuxcare.8" } ] }