{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9369ca10-956f-5d08-8002-200234724f66", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.bouncycastle/bcpg-jdk14@1.64-tuxcare.2", "type": "library", "group": "org.bouncycastle", "name": "bcpg-jdk14", "version": "1.64-tuxcare.2", "purl": "pkg:maven/org.bouncycastle/bcpg-jdk14@1.64-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:541f204c-5ebe-5541-9e06-cbfa94daea6f", "id": "CVE-2020-0187", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-0187 affects version 1.64-tuxcare.2 of org.bouncycastle:bcpg-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:461a9fcd-741d-5124-a2ee-7231971ab8db", "id": "CVE-2020-15522", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-15522 is fixed in version 1.64-tuxcare.2 of org.bouncycastle:bcpg-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7cf36d2e-2650-5ad1-960a-56346ab6edb2", "id": "CVE-2023-33201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-33201 affects version 1.64-tuxcare.2 of org.bouncycastle:bcpg-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e1db4497-5861-5250-9a7d-3b296c464855", "id": "CVE-2023-33202", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-33202 affects version 1.64-tuxcare.2 of org.bouncycastle:bcpg-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf25ddb9-7882-5dd4-a222-67029fbd4ef8", "id": "CVE-2024-29857", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29857 affects version 1.64-tuxcare.2 of org.bouncycastle:bcpg-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:557e1c28-c41e-56e5-9b61-e93163b40180", "id": "CVE-2024-30171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-30171 affects version 1.64-tuxcare.2 of org.bouncycastle:bcpg-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79cd4b68-726b-5b11-b87a-4f3b4b57e5d6", "id": "CVE-2024-34447", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34447 affects version 1.64-tuxcare.2 of org.bouncycastle:bcpg-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a892c50a-3152-561d-b1ea-0ca6089ee37f", "id": "CVE-2025-8885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-8885 affects version 1.64-tuxcare.2 of org.bouncycastle:bcpg-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:428ed3fb-546c-5bae-a00a-02d480481206", "id": "CVE-2025-8916", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-8916 is fixed in version 1.64-tuxcare.2 of org.bouncycastle:bcpg-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk14@1.64-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk14@1.64-tuxcare.2" } ] }