{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ffefb521-1c52-5e1a-9d21-a1f353964901", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.64-tuxcare.2", "type": "library", "group": "org.bouncycastle", "name": "bcprov-jdk15on", "version": "1.64-tuxcare.2", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.64-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ef1efb6d-da55-5cc1-b7f0-32ebb0bded7b", "id": "CVE-2020-0187", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-0187 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7772ddba-7f88-57f0-8901-d2f5c94e24c8", "id": "CVE-2020-15522", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-15522 is fixed in version 1.64-tuxcare.2 of org.bouncycastle:bcprov-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f5a6a9d-a11f-5c01-a015-c8f1b328818a", "id": "CVE-2023-33201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-33201 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb7264b5-adf5-5493-b276-933b21ea7259", "id": "CVE-2023-33202", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-33202 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0dff11d2-24c8-5367-bab7-50524a5e7d33", "id": "CVE-2024-29857", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29857 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed717362-62cc-5e1f-a146-0e16e097c092", "id": "CVE-2024-30171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-30171 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb37669b-97ed-5d39-8a40-d586352fed3d", "id": "CVE-2024-34447", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34447 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3d39de1-440f-50b7-b42d-44e99d5adfe3", "id": "CVE-2025-8885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-8885 affects version 1.64-tuxcare.2 of org.bouncycastle:bcprov-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.64-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6689fa18-758e-5b97-b8fd-760ff5305e7c", "id": "CVE-2025-8916", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-8916 is fixed in version 1.64-tuxcare.2 of org.bouncycastle:bcprov-jdk15on." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.64-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.64-tuxcare.2" } ] }