{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3fe3693b-27a6-57be-acc1-d32369809504", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:pypi/dulwich@0.25.2.post2+tuxcare", "type": "library", "name": "dulwich", "version": "0.25.2.post2+tuxcare", "purl": "pkg:pypi/dulwich@0.25.2.post2+tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:698e42a8-e38b-5701-af92-d835a24b10c4", "id": "AIKIDO-2026-10554", "analysis": { "state": "resolved", "detail": "Vulnerability AIKIDO-2026-10554 is fixed in version 0.25.2.post2+tuxcare of dulwich." }, "affects": [ { "ref": "pkg:pypi/dulwich@0.25.2.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:fdc739e6-fec4-596a-aa40-7d714edb2664", "id": "CVE-2026-42305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42305 affects version 0.25.2.post2+tuxcare of dulwich." }, "affects": [ { "ref": "pkg:pypi/dulwich@0.25.2.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:1ef3c700-e190-5e3b-8bf1-fb0286dc5619", "id": "CVE-2026-42563", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-42563 is fixed in version 0.25.2.post2+tuxcare of dulwich." }, "affects": [ { "ref": "pkg:pypi/dulwich@0.25.2.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:e96e7f13-2c49-5ab4-8a42-72b60bba3fc7", "id": "CVE-2026-47712", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47712 affects version 0.25.2.post2+tuxcare of dulwich." }, "affects": [ { "ref": "pkg:pypi/dulwich@0.25.2.post2+tuxcare" } ] }, { "bom-ref": "urn:uuid:33554b35-651e-5e0b-a9f2-a069069b44f7", "id": "CVE-2026-47734", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47734 affects version 0.25.2.post2+tuxcare of dulwich." }, "affects": [ { "ref": "pkg:pypi/dulwich@0.25.2.post2+tuxcare" } ] } ], "dependencies": [ { "ref": "pkg:pypi/dulwich@0.25.2.post2+tuxcare" } ] }