{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:159ad44b-cd1e-5de6-8c46-1dc341313898",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8",
      "type": "library",
      "group": "org.apache.tomcat",
      "name": "tomcat-i18n-pt-BR",
      "version": "9.0.90-tuxcare.8",
      "purl": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:34e2277e-91d1-5012-971c-26d2f6cb106d",
      "id": "CVE-2020-11996",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1bb79326-3ab0-53f5-bf96-3ddecfc6ca37",
      "id": "CVE-2020-13934",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9fdf8a69-3d90-5f70-8084-c8307db1e9a8",
      "id": "CVE-2020-13943",
      "analysis": {
        "state": "not_affected",
        "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable"
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ed29df6e-1293-50e3-a37e-77940c7601e9",
      "id": "CVE-2020-9484",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:918f08c0-3745-5cd1-b60f-e21717239f75",
      "id": "CVE-2021-24122",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3aa57490-1ecd-5486-9332-fa142e52df79",
      "id": "CVE-2021-42340",
      "analysis": {
        "state": "not_affected",
        "detail": "Vulnerability CVE-2021-42340 does not affect version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR. Patches already applied: 31d62426645824bdfe076a0c0eafa904d90b4fb9 (already in target via 80f1438ec4 'Close WebConnection', a37a6d312c 'Fix BZ 68884 - improve handling of large scale WebSocket disconnects')"
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:82ba05f3-7e3b-574e-b69e-f3a9024a495f",
      "id": "CVE-2022-34305",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:88f6be0c-7174-54fb-8817-38695c616582",
      "id": "CVE-2022-45143",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:885838ad-f69f-5715-bb90-2e15df45fc44",
      "id": "CVE-2024-23672",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:dfd30400-95f3-5252-81fa-e70c5a588e6e",
      "id": "CVE-2024-24549",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:052a0008-d660-5b72-ac43-d351bc7a002e",
      "id": "CVE-2024-50379",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9d0e5a39-397f-5743-a650-559cb5de7700",
      "id": "CVE-2024-52316",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bc77d8dd-f29f-5c24-a028-fab581673d9d",
      "id": "CVE-2024-54677",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:44d3b688-5234-5ebf-b19e-a7640449374f",
      "id": "CVE-2024-56337",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:86226ee7-45ab-5296-89f4-fc1f00c07c04",
      "id": "CVE-2025-24813",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7b5cdf5b-5048-580c-83a4-fb74b57eadf6",
      "id": "CVE-2025-31650",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6107da51-d411-562e-8a51-8456ab78f91a",
      "id": "CVE-2025-31651",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:21416ae0-f9a9-51b9-8d7d-b470670792dd",
      "id": "CVE-2025-46701",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:04184f73-340f-5ed7-b549-cd5568ca3a2e",
      "id": "CVE-2025-48988",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:54df55a7-83f3-5979-9fc7-609ee1af037c",
      "id": "CVE-2025-48989",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:eccfbec6-a6aa-516b-8c55-4901d6f6bf1d",
      "id": "CVE-2025-49124",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6c2057b0-50a2-5692-9149-325e5b1f37c5",
      "id": "CVE-2025-49125",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2faed4ad-0c64-5d82-b580-29482eea93c9",
      "id": "CVE-2025-52434",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a35f5ede-0c2c-5405-8168-6f37c75d44af",
      "id": "CVE-2025-52520",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1cb562fb-c9d8-563c-9730-3604a333d5db",
      "id": "CVE-2025-53506",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6080b1a4-618e-52b2-b53a-2cffd7c53c66",
      "id": "CVE-2025-55668",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b118eb87-1568-5e5b-93f1-c07e5387c62c",
      "id": "CVE-2025-55752",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:001e2dd1-cdb5-599f-ab96-281f6f6451be",
      "id": "CVE-2025-55754",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6da080bf-3e8b-5994-a6e6-39e945760771",
      "id": "CVE-2025-61795",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3e7b685e-85da-5cb2-9041-f295a2d74e93",
      "id": "CVE-2025-66614",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2528479d-8c1b-55c7-bf83-4269b4338a4f",
      "id": "CVE-2026-24733",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d7f09f3d-5c50-54cf-91ec-fdd2a40def10",
      "id": "CVE-2026-24734",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c0099ac3-057a-5992-922d-754c29b15cdb",
      "id": "CVE-2026-24880",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-24880 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bcedfcc5-ec9b-57d4-903c-b24da074c465",
      "id": "CVE-2026-25854",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:063ab641-7a35-5e74-997c-74b27e5fa19b",
      "id": "CVE-2026-29145",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c148df5b-bdf1-5d12-8991-32d124ef9ff0",
      "id": "CVE-2026-29146",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bab9077d-10a8-5178-8043-7a53b7668261",
      "id": "CVE-2026-32990",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2a1c11d5-1eed-52c3-8e9e-9ea3ee5e6f65",
      "id": "CVE-2026-34483",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6321b843-d918-557d-a14e-e0c10d66e083",
      "id": "CVE-2026-34486",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-34486 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7a0f1454-ae38-5a6d-9339-5b592e77d913",
      "id": "CVE-2026-34487",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-34487 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c3267472-780e-5cad-a652-b5bdb871ef8f",
      "id": "CVE-2026-41284",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41284 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d165fb21-fc8b-5412-a508-b394e2c5de1d",
      "id": "CVE-2026-41293",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41293 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8fad2e7f-5f4a-5b3a-8273-f8326a2b4699",
      "id": "CVE-2026-42498",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-42498 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e3089163-359a-5a5e-8461-305b318c44f1",
      "id": "CVE-2026-43512",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-43512 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c9d29a14-6011-5bf5-a089-583c489dbed2",
      "id": "CVE-2026-43513",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-43513 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6856b275-ac52-5483-92f7-a150417757de",
      "id": "CVE-2026-43514",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-43514 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:01be4f91-f279-5820-8705-27a424a2f8ff",
      "id": "CVE-2026-43515",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-43515 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-pt-BR."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-pt-BR@9.0.90-tuxcare.8"
    }
  ]
}