{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e03ee160-af9d-54e3-a008-7f8ea7e9f85d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.bouncycastle/bcpg-jdk15to18@1.76-tuxcare.1", "type": "library", "group": "org.bouncycastle", "name": "bcpg-jdk15to18", "version": "1.76-tuxcare.1", "purl": "pkg:maven/org.bouncycastle/bcpg-jdk15to18@1.76-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9fff8f4e-c345-5036-8d1d-e0fa92b71867", "id": "CVE-2024-29857", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29857 is fixed in version 1.76-tuxcare.1 of org.bouncycastle:bcpg-jdk15to18." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk15to18@1.76-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f323aecd-e080-5675-9265-4f5c46c37868", "id": "CVE-2024-30171", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-30171 is fixed in version 1.76-tuxcare.1 of org.bouncycastle:bcpg-jdk15to18." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk15to18@1.76-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba0fc55d-6e8a-59bb-aef6-330faf635323", "id": "CVE-2024-30172", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-30172 is fixed in version 1.76-tuxcare.1 of org.bouncycastle:bcpg-jdk15to18." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk15to18@1.76-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfd4fba2-531f-5cac-be64-8aac0247fc15", "id": "CVE-2024-34447", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-34447 is fixed in version 1.76-tuxcare.1 of org.bouncycastle:bcpg-jdk15to18." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk15to18@1.76-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3dda86e3-cfe9-5165-8e7d-d774a25d823a", "id": "CVE-2025-8885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-8885 is fixed in version 1.76-tuxcare.1 of org.bouncycastle:bcpg-jdk15to18." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk15to18@1.76-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0541abc8-d886-561b-8c92-4af22d2c2d48", "id": "CVE-2025-8916", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-8916 affects version 1.76-tuxcare.1 of org.bouncycastle:bcpg-jdk15to18." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk15to18@1.76-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5d3db78-e7c9-5849-b2ea-9776f5f01fe2", "id": "CVE-2026-3505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3505 affects version 1.76-tuxcare.1 of org.bouncycastle:bcpg-jdk15to18." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk15to18@1.76-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30f55ada-53c0-5a03-9db3-7e451f43c62d", "id": "CVE-2026-5588", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5588 affects version 1.76-tuxcare.1 of org.bouncycastle:bcpg-jdk15to18." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk15to18@1.76-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b171a902-5a22-5731-92bf-77e3fc89b6d8", "id": "CVE-2026-5598", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5598 affects version 1.76-tuxcare.1 of org.bouncycastle:bcpg-jdk15to18." }, "affects": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk15to18@1.76-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.bouncycastle/bcpg-jdk15to18@1.76-tuxcare.1" } ] }