{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b5178a57-47ff-595c-b7e9-dd3b01c2a041", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "mlflow@2.9.1.post2+tuxcare", "name": "mlflow", "type": "library", "version": "2.9.1.post2+tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2b546bc7-e0ab-5dd1-a0bc-cd9ee756508d", "id": "CVE-2023-6709", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-6709 is fixed in version 2.9.1.post2+tuxcare of mlflow." }, "affects": [ { "ref": "mlflow@2.9.1.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:fac5199a-1141-5a2e-baae-71cbd0ff079c", "id": "CVE-2023-6753", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-6753 is fixed in version 2.9.1.post2+tuxcare of mlflow." }, "affects": [ { "ref": "mlflow@2.9.1.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:0242ed33-bb3a-5bc8-9b9b-b7ad5f524ed4", "id": "CVE-2023-6909", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-6909 is fixed in version 2.9.1.post2+tuxcare of mlflow." }, "affects": [ { "ref": "mlflow@2.9.1.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:61435ca0-f4b8-5e7f-8f09-08c140b67630", "id": "CVE-2023-6974", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-6974 is fixed in version 2.9.1.post2+tuxcare of mlflow." }, "affects": [ { "ref": "mlflow@2.9.1.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:37040aef-4dd7-5537-9f4f-3626ad7fb162", "id": "CVE-2023-6975", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-6975 is fixed in version 2.9.1.post2+tuxcare of mlflow." }, "affects": [ { "ref": "mlflow@2.9.1.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:41921045-9643-5aba-a170-c7b7f4a65c05", "id": "CVE-2024-1593", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1593 is fixed in version 2.9.1.post2+tuxcare of mlflow." }, "affects": [ { "ref": "mlflow@2.9.1.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:e117027f-0c4e-508c-8c8c-316ca6b11ad2", "id": "CVE-2024-2928", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-2928 is fixed in version 2.9.1.post2+tuxcare of mlflow." }, "affects": [ { "ref": "mlflow@2.9.1.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:ee3a6fff-0c43-53a5-b00e-092474b51e4d", "id": "CVE-2024-3573", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3573 is fixed in version 2.9.1.post2+tuxcare of mlflow." }, "affects": [ { "ref": "mlflow@2.9.1.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:087750a1-b7c8-5833-beaf-9e054ee4a827", "id": "CVE-2024-27132", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-27132 is fixed in version 2.9.1.post2+tuxcare of mlflow." }, "affects": [ { "ref": "mlflow@2.9.1.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:36e737bb-f092-5e78-9654-47ea957c18d5", "id": "CVE-2024-27133", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-27133 is fixed in version 2.9.1.post2+tuxcare of mlflow." }, "affects": [ { "ref": "mlflow@2.9.1.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:b964b05d-6342-5020-8775-e94d6ef3c931", "id": "CVE-2024-27134", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-27134 is fixed in version 2.9.1.post2+tuxcare of mlflow." }, "affects": [ { "ref": "mlflow@2.9.1.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:b53e44bc-264e-520f-a072-774d3dec5f34", "id": "CVE-2024-37056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-37056 is fixed in version 2.9.1.post2+tuxcare of mlflow." }, "affects": [ { "ref": "mlflow@2.9.1.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:283e8b97-3a8d-5189-8559-f91c1f2d6eee", "id": "CVE-2025-52967", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52967 is fixed in version 2.9.1.post2+tuxcare of mlflow." }, "affects": [ { "ref": "mlflow@2.9.1.post2+tuxcare" } ] } ], "dependencies": [ { "ref": "mlflow@2.9.1.post2+tuxcare" } ] }