{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:d506aee1-dd8a-55a0-8367-4f1a8a80ae3c",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8",
      "type": "library",
      "group": "org.apache.tomcat",
      "name": "tomcat-i18n-zh-CN",
      "version": "9.0.90-tuxcare.8",
      "purl": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:6a657dd0-ce0a-5ab1-af14-640d7259f453",
      "id": "CVE-2020-11996",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-11996 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:eeba8836-ed97-54c8-9eba-1d1ed7aa71db",
      "id": "CVE-2020-13934",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-13934 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a2426a96-15a4-501d-b1fd-e1d2c589c26e",
      "id": "CVE-2020-13943",
      "analysis": {
        "state": "not_affected",
        "detail": "Vulnerability CVE-2020-13943 does not affect version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN. Fix for CVE-202-13943 for this version has been already backported by the original developers, so brunch 9.0.90 is not vulnerable"
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f485c83e-3616-5c33-8e62-81b3d632d462",
      "id": "CVE-2020-9484",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-9484 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:176d66b4-7695-512e-8975-865643734320",
      "id": "CVE-2021-24122",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-24122 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5f188695-7b02-54bd-be75-fe3fbd194a4d",
      "id": "CVE-2021-42340",
      "analysis": {
        "state": "not_affected",
        "detail": "Vulnerability CVE-2021-42340 does not affect version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN. Patches already applied: 31d62426645824bdfe076a0c0eafa904d90b4fb9 (already in target via 80f1438ec4 'Close WebConnection', a37a6d312c 'Fix BZ 68884 - improve handling of large scale WebSocket disconnects')"
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4a416763-5177-5759-b376-b18f4d98d253",
      "id": "CVE-2022-34305",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2022-34305 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9451fe76-30bb-54f8-bfba-1058ed483987",
      "id": "CVE-2022-45143",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2022-45143 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a1e27173-60f5-51fe-8f0d-0a3aeeb6bd69",
      "id": "CVE-2024-23672",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-23672 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f7a39757-3e4e-554b-92ef-3b8f28a64d9f",
      "id": "CVE-2024-24549",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-24549 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:863b94d3-263c-554e-b223-6f61c3196bb9",
      "id": "CVE-2024-50379",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1d769ddf-bb79-5634-b3af-8ec944e24172",
      "id": "CVE-2024-52316",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6a496413-4266-50fa-8c39-5eddcabe967a",
      "id": "CVE-2024-54677",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-54677 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:34e7cbd1-e818-5f6f-8507-cc6e9f632363",
      "id": "CVE-2024-56337",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-56337 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f42fe94e-8773-5e8f-baa7-559a90b5472f",
      "id": "CVE-2025-24813",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5e1fd1ee-8d98-5dcb-9bfd-3d3101bdfc3e",
      "id": "CVE-2025-31650",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-31650 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:08f8dece-9d8a-5e0c-a95a-18403a941bdc",
      "id": "CVE-2025-31651",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-31651 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:31490750-354e-53f6-b391-935edfc5edf6",
      "id": "CVE-2025-46701",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:919f2535-9599-53f8-9c57-128bd84fa19c",
      "id": "CVE-2025-48988",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ca2285b6-7c83-59d8-8f29-d6e9dde39d65",
      "id": "CVE-2025-48989",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-48989 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0c01ceee-e4a6-5963-a566-2e10b81a46bd",
      "id": "CVE-2025-49124",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4b21ba2d-0844-5f5d-ad3d-00f05373830d",
      "id": "CVE-2025-49125",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:dfa8c896-339d-5222-b70e-9d498a2f01f3",
      "id": "CVE-2025-52434",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2c474ace-3861-5326-af05-67f21b2c0e55",
      "id": "CVE-2025-52520",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5679aa9b-d5c9-5682-a6d4-ea0a383d4895",
      "id": "CVE-2025-53506",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f860f461-4ac9-5c33-9b6c-b71a9f1b5507",
      "id": "CVE-2025-55668",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:73fc9bac-f3cc-5985-baf2-0cba9893ce85",
      "id": "CVE-2025-55752",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-55752 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:eff16356-2fb3-5ae2-aafb-1e327549caa4",
      "id": "CVE-2025-55754",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f925369d-ae51-5baa-9bc3-685176a8e4ee",
      "id": "CVE-2025-61795",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6b1db519-1569-531c-b842-17751ace4a39",
      "id": "CVE-2025-66614",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3bc34037-f73f-542b-b942-3e78f8d4e0fe",
      "id": "CVE-2026-24733",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:63271e90-fc13-53e8-ac07-4827579c09c4",
      "id": "CVE-2026-24734",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-24734 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:712d7abf-5623-56eb-be6e-c5f225ec9009",
      "id": "CVE-2026-24880",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-24880 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2930ab76-d814-5c30-b7b7-0fc5c9352524",
      "id": "CVE-2026-25854",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:abb07bee-c774-5d52-9262-92efd9e8fec9",
      "id": "CVE-2026-29145",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-29145 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:dae3ef7f-a735-5230-8900-1d0ee3f2f8e4",
      "id": "CVE-2026-29146",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-29146 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:54d5ddbe-de71-5255-86ce-aec66a5d3b23",
      "id": "CVE-2026-32990",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-32990 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:71f2473f-9f72-5382-adea-1040bd820a55",
      "id": "CVE-2026-34483",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-34483 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3364e91c-8c8d-5dd8-ae31-54c106e08d32",
      "id": "CVE-2026-34486",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-34486 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9aec7289-8902-5f6b-a8e4-7df5c2bdda78",
      "id": "CVE-2026-34487",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-34487 is fixed in version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f771038e-64d4-51c2-a6d7-3d5f6bdb4d8c",
      "id": "CVE-2026-41284",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41284 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:29e823db-e9df-5d07-ac5c-f514560aa764",
      "id": "CVE-2026-41293",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41293 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:cf6b4312-36c9-5289-886d-9c1f9c7307d1",
      "id": "CVE-2026-42498",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-42498 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2e1ea722-dc52-55d9-9215-0f5e54a8a417",
      "id": "CVE-2026-43512",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-43512 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:38d11dbd-8bf2-50b6-b812-6c1a18c7cb5e",
      "id": "CVE-2026-43513",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-43513 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7af83930-86ef-5091-a771-a164625e1bbe",
      "id": "CVE-2026-43514",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-43514 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d4e8f32c-c4f7-53f2-8e1d-0a45c4b34b14",
      "id": "CVE-2026-43515",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-43515 affects version 9.0.90-tuxcare.8 of org.apache.tomcat:tomcat-i18n-zh-CN."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@9.0.90-tuxcare.8"
    }
  ]
}