{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:db7f8d42-ac4a-5317-b0a2-0e998b0a1c6f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:pypi/cryptography@41.0.7", "type": "library", "name": "cryptography", "version": "41.0.7", "purl": "pkg:pypi/cryptography@41.0.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fb436af3-2cd4-51be-9aa9-6b10a6478899", "id": "CVE-2023-50782", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-50782 is fixed in version 41.0.7 of cryptography." }, "affects": [ { "ref": "pkg:pypi/cryptography@41.0.7" } ] }, { "bom-ref": "urn:uuid:47c04247-9080-566c-86f7-6816d4febc91", "id": "CVE-2024-26130", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-26130 is fixed in version 41.0.7 of cryptography." }, "affects": [ { "ref": "pkg:pypi/cryptography@41.0.7" } ] }, { "bom-ref": "urn:uuid:2228f6f4-393d-5492-9f8f-44cdb517e68a", "id": "CVE-2026-34073", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34073 affects version 41.0.7 of cryptography." }, "affects": [ { "ref": "pkg:pypi/cryptography@41.0.7" } ] }, { "bom-ref": "urn:uuid:5a859e10-355d-5130-82ce-196e18faf7cd", "id": "GHSA-537c-gmf6-5ccf", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-537c-gmf6-5ccf affects version 41.0.7 of cryptography." }, "affects": [ { "ref": "pkg:pypi/cryptography@41.0.7" } ] }, { "bom-ref": "urn:uuid:3c59bf26-2454-5318-ab52-598b86fac3f1", "id": "GHSA-h4gh-qq45-vh27", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-h4gh-qq45-vh27 affects version 41.0.7 of cryptography." }, "affects": [ { "ref": "pkg:pypi/cryptography@41.0.7" } ] } ], "dependencies": [ { "ref": "pkg:pypi/cryptography@41.0.7" } ] }