{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:df3ba4fc-cd97-50f5-a58f-c469e002b035", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-i18n-zh-CN", "version": "10.1.42-tuxcare.3", "purl": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:30116bb9-1a7f-5a0d-b177-a49c759a8829", "id": "CVE-2024-23672", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-23672 does not affect version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN. Tomcat 10.1.42 is not vulnerable because CVE-2024-23672 is fixed in 10.1.19 and affects only 10.1.0-M1 through 10.1.18, and 10.1.42 is later than 10.1.19." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a789f57-0ef7-5d52-b92e-68926d8a0133", "id": "CVE-2024-24549", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-24549 does not affect version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN. 10.1.42 is not vulnerable. The issue is fixed in 10.1.19, and 10.1.42 is later than 10.1.19, so this version already includes the fix." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d70b79fe-ba2b-5d60-8255-9e7f8e8d7001", "id": "CVE-2024-52316", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52316 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2004d355-0483-590a-ace0-ab9a13ad5abf", "id": "CVE-2025-48988", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2025-48988 does not affect version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN. 10.1.42 is the first fixed release in 10.1.x. The fix is already included in 10.1.42." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8be30f52-5453-5765-98b4-1deb345fa2a6", "id": "CVE-2025-48989", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48989 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:58818546-5223-5733-964f-b77557c7a526", "id": "CVE-2025-49125", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2025-49125 does not affect version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN. 10.1.42 is the first fixed release in 10.1.x. The fix is already included in 10.1.42." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10a966c5-713a-5fc9-91fc-1ba0b20c7ab6", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81d790b7-f889-50a6-a78c-c96a1a4be67b", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72b7eaf5-b949-5e40-9544-c432fa153087", "id": "CVE-2025-55752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55752 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c69a434-bee3-5600-96c9-2f6e13f8e354", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b38a2395-2ffe-58e5-aea2-44dcca36faa1", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8c84201d-b7fa-525d-9504-4dbeb56e3328", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ab92f31-e46f-591a-87ee-89d79b6acbaf", "id": "CVE-2026-24733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24733 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:242cd662-18d2-59a8-b7dc-19394454c0f1", "id": "CVE-2026-24734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24734 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4747932c-aae5-5b47-937d-5bf6527382af", "id": "CVE-2026-24880", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24880 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:85ce5183-28db-516b-b0e8-c486960e0721", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b18666a-2976-5819-a4cf-bddeaa1d9417", "id": "CVE-2026-29145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29145 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:70039df0-1e7a-5c95-8fe5-311d1ceb58cc", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:61b47c6b-2eeb-5527-9968-89cd067d3c54", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ea4e643-aadd-5550-9982-0fed76811235", "id": "CVE-2026-34483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34483 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f2553206-0a9b-515d-ba80-de8efc2fd84b", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6f04c81-0749-5f9a-b599-219bd7a22186", "id": "CVE-2026-34487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-34487 is fixed in version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ddb65f4-9cff-51aa-8212-292d248d8a14", "id": "CVE-2026-34500", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34500 affects version 10.1.42-tuxcare.3 of org.apache.tomcat:tomcat-i18n-zh-CN." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-i18n-zh-CN@10.1.42-tuxcare.3" } ] }