{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ebb5e19d-212e-529e-a09b-975b1befc9ae", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-i18n-ru", "version": "10.1.42-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9eec65fa-1ecb-5f30-ba19-ea377cc25611", "id": "CVE-2024-23672", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-23672 does not affect version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru. Tomcat 10.1.42 is not vulnerable because CVE-2024-23672 is fixed in 10.1.19 and affects only 10.1.0-M1 through 10.1.18, and 10.1.42 is later than 10.1.19." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:090a6855-61bf-532a-b217-310b06954ec3", "id": "CVE-2024-24549", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-24549 does not affect version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru. 10.1.42 is not vulnerable. The issue is fixed in 10.1.19, and 10.1.42 is later than 10.1.19, so this version already includes the fix." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5bf297d5-991a-5834-9c3e-68af356b9e22", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:12295656-4112-52bf-a908-b6c77c98426b", "id": "CVE-2025-48988", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2025-48988 does not affect version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru. 10.1.42 is the first fixed release in 10.1.x. The fix is already included in 10.1.42." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42adaa6f-33db-5e6c-b6c4-0a3df0e20882", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e1d54f7a-166c-5742-af15-d7db06bba93e", "id": "CVE-2025-49125", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2025-49125 does not affect version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru. 10.1.42 is the first fixed release in 10.1.x. The fix is already included in 10.1.42." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cae9a483-c31c-554f-af2c-3eb0a5a8ccf7", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c74f7e13-38db-5985-a66b-cb6af0b8c95a", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63aa24e0-a708-5d88-98f6-81423687827d", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02298532-1819-5070-ab7a-7dd7673394e6", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e76ab532-79cf-5552-8c46-ba6f1fe1d170", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d13f78c-8b83-535a-bb77-6f63b0cf8b40", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:195827d6-83eb-5021-ae0e-cfeab123f045", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cdbc2f35-5855-5c70-8d7c-6f77d16b50fc", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0bbe2d6c-be5a-54ef-b31f-fd0a2c0a0bd0", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d314dba6-abcb-5327-8ea2-04f84dbc6169", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac2d03ee-1c82-5eba-83f3-aa02bb9390f5", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dfe0d5fb-7b1c-5b7a-84a4-fafa67d38867", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a05c1455-5247-5123-9f18-8720e1e7599a", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:01e751ac-043b-5e1d-b320-198030179007", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d730c22f-1ecb-5425-a04a-6989a080ef29", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1f0700cc-c274-54b2-9b29-30fda23a2664", "id": "CVE-2026-34487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34487 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d455a237-0108-5f91-9e47-c3013507dd8b", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-ru." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-ru@10.1.42-tuxcare.3" } ] }