{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:20fababa-42d0-5ac5-a068-45576c7c4fa8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:pypi/boto3@1.33.13", "type": "library", "name": "boto3", "version": "1.33.13", "purl": "pkg:pypi/boto3@1.33.13" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f257d6ca-d15c-572d-9aad-aa631377686d", "id": "CVE-2024-37891", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-37891 affects version 1.33.13 of boto3." }, "affects": [ { "ref": "pkg:pypi/boto3@1.33.13" } ] }, { "bom-ref": "urn:uuid:dcc68617-dd94-50e1-9e6b-a0ae33969c41", "id": "CVE-2025-50181", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-50181 affects version 1.33.13 of boto3." }, "affects": [ { "ref": "pkg:pypi/boto3@1.33.13" } ] }, { "bom-ref": "urn:uuid:35433749-d129-5816-b5b6-86016a36e2b5", "id": "CVE-2025-66418", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66418 affects version 1.33.13 of boto3." }, "affects": [ { "ref": "pkg:pypi/boto3@1.33.13" } ] }, { "bom-ref": "urn:uuid:3dafd53d-17d1-58ec-b7fe-d707b956d94a", "id": "CVE-2025-66471", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66471 affects version 1.33.13 of boto3." }, "affects": [ { "ref": "pkg:pypi/boto3@1.33.13" } ] }, { "bom-ref": "urn:uuid:daa580bd-269b-57ba-a30b-6780f9f9e842", "id": "CVE-2026-21441", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-21441 affects version 1.33.13 of boto3." }, "affects": [ { "ref": "pkg:pypi/boto3@1.33.13" } ] }, { "bom-ref": "urn:uuid:34fd9fa3-0b8c-5152-8861-f0ddd35221fb", "id": "CVE-2026-44431", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44431 affects version 1.33.13 of boto3." }, "affects": [ { "ref": "pkg:pypi/boto3@1.33.13" } ] } ], "dependencies": [ { "ref": "pkg:pypi/boto3@1.33.13" } ] }