{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:901fdfb0-7a51-5307-83aa-124190120cb2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk14@1.64-tuxcare.2", "type": "library", "group": "org.bouncycastle", "name": "bcprov-ext-jdk14", "version": "1.64-tuxcare.2", "purl": "pkg:maven/org.bouncycastle/bcprov-ext-jdk14@1.64-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:90b34c34-d2aa-5f1c-81ca-ff7545b78720", "id": "CVE-2020-0187", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-0187 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0c86226-a1fd-5497-8dd3-1e82ab5c3080", "id": "CVE-2020-15522", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-15522 is fixed in version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c76a8ee5-6321-5e45-bc11-f53683b832ab", "id": "CVE-2023-33201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-33201 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0fbb319f-5a12-5974-82c9-891240db8eef", "id": "CVE-2023-33202", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-33202 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f9f297c-cf8d-5bbd-bf44-f782d0ebdf57", "id": "CVE-2024-29857", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29857 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f4edb8d-b856-5d00-93f8-db862be7ba49", "id": "CVE-2024-30171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-30171 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:814136df-2a83-5b36-ac76-3ed3c289227c", "id": "CVE-2024-34447", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34447 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc090af6-96ff-541e-bd4a-ed370595f1db", "id": "CVE-2025-8885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-8885 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk14@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a31a1099-87df-5cae-a0f6-cb896661422c", "id": "CVE-2025-8916", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-8916 is fixed in version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk14." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk14@1.64-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk14@1.64-tuxcare.2" } ] }