{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:64870fc0-3785-5cae-b1c3-049aa0a011a2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.santuario/xmlsec@2.0.10.tuxcare", "type": "library", "group": "org.apache.santuario", "name": "xmlsec", "version": "2.0.10.tuxcare", "purl": "pkg:maven/org.apache.santuario/xmlsec@2.0.10.tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d126e3ec-8325-57b0-89af-f088a1ef225e", "id": "CVE-2019-12400", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-12400 is fixed in version 2.0.10.tuxcare of org.apache.santuario:xmlsec." }, "affects": [ { "ref": "pkg:maven/org.apache.santuario/xmlsec@2.0.10.tuxcare" } ] }, { "bom-ref": "urn:uuid:358bcf2e-85fa-5e66-b996-efa519d3a424", "id": "CVE-2021-40690", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-40690 is fixed in version 2.0.10.tuxcare of org.apache.santuario:xmlsec." }, "affects": [ { "ref": "pkg:maven/org.apache.santuario/xmlsec@2.0.10.tuxcare" } ] }, { "bom-ref": "urn:uuid:6ddbf7ff-ae68-5d61-8045-b36511499770", "id": "CVE-2023-44483", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44483 is fixed in version 2.0.10.tuxcare of org.apache.santuario:xmlsec." }, "affects": [ { "ref": "pkg:maven/org.apache.santuario/xmlsec@2.0.10.tuxcare" } ] }, { "bom-ref": "urn:uuid:5ad7b9d6-d54b-5ed4-a77c-30a1db63a65a", "id": "CVE-2024-20945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-20945 affects version 2.0.10.tuxcare of org.apache.santuario:xmlsec." }, "affects": [ { "ref": "pkg:maven/org.apache.santuario/xmlsec@2.0.10.tuxcare" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.santuario/xmlsec@2.0.10.tuxcare" } ] }