{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2fa96d15-19c7-5dc2-ac04-48b66476dbf2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.64-tuxcare.2", "type": "library", "group": "org.bouncycastle", "name": "bcprov-ext-jdk15on", "version": "1.64-tuxcare.2", "purl": "pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.64-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bde7ef27-7e09-564e-aa70-f4b22118989f", "id": "CVE-2020-0187", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-0187 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57ec2c69-41b7-5655-937d-bf6f4326d892", "id": "CVE-2020-15522", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-15522 is fixed in version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09d639c0-20e8-5fda-9cea-5b7671cc7653", "id": "CVE-2023-33201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-33201 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57ebbe8b-fa79-5784-a9c7-80659ffc805a", "id": "CVE-2023-33202", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-33202 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a20d4ee-f271-5154-a793-b23486a905bb", "id": "CVE-2024-29857", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29857 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:717682ea-edfe-551b-a5f6-bbe7ae8e0a06", "id": "CVE-2024-30171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-30171 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ebb6b712-a371-58ad-8263-0758adccc5b8", "id": "CVE-2024-34447", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34447 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ca47d23-b4be-50c5-8d19-868ae8aba152", "id": "CVE-2025-8885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-8885 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8112f079-9cc7-5fa7-8a4f-9a1f2c24e22f", "id": "CVE-2025-8916", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-8916 is fixed in version 1.64-tuxcare.2 of org.bouncycastle:bcprov-ext-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.64-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.64-tuxcare.2" } ] }