{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8315ca73-6b2b-598d-963a-772851bd924c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:pypi/cryptography@43.0.1", "type": "library", "name": "cryptography", "version": "43.0.1", "purl": "pkg:pypi/cryptography@43.0.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:df220d6f-c22f-5a7e-b52c-ffdaf6ea20a8", "id": "CVE-2024-12797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-12797 is fixed in version 43.0.1 of cryptography." }, "affects": [ { "ref": "pkg:pypi/cryptography@43.0.1" } ] }, { "bom-ref": "urn:uuid:c5c7674c-a150-54ec-b047-e7543084ed71", "id": "CVE-2026-26007", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-26007 affects version 43.0.1 of cryptography." }, "affects": [ { "ref": "pkg:pypi/cryptography@43.0.1" } ] }, { "bom-ref": "urn:uuid:be607d86-b814-5b28-8f99-bcc8c2501367", "id": "CVE-2026-34073", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34073 affects version 43.0.1 of cryptography." }, "affects": [ { "ref": "pkg:pypi/cryptography@43.0.1" } ] }, { "bom-ref": "urn:uuid:50ceda47-6ee6-5936-b62f-ba5e1b737b0d", "id": "GHSA-537c-gmf6-5ccf", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-537c-gmf6-5ccf affects version 43.0.1 of cryptography." }, "affects": [ { "ref": "pkg:pypi/cryptography@43.0.1" } ] } ], "dependencies": [ { "ref": "pkg:pypi/cryptography@43.0.1" } ] }