{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e5d75481-b09c-5497-9701-2fc6772dcbfc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:pypi/dulwich@0.25.2.post4+tuxcare", "type": "library", "name": "dulwich", "version": "0.25.2.post4+tuxcare", "purl": "pkg:pypi/dulwich@0.25.2.post4+tuxcare" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4cb1c3b4-626b-596d-823c-8ce941c99dcf", "id": "AIKIDO-2026-10554", "analysis": { "state": "resolved", "detail": "Vulnerability AIKIDO-2026-10554 is fixed in version 0.25.2.post4+tuxcare of dulwich." }, "affects": [ { "ref": "pkg:pypi/dulwich@0.25.2.post4+tuxcare" } ] }, { "bom-ref": "urn:uuid:b55188d3-f5fa-5589-ac90-af4de14d5d82", "id": "CVE-2026-42305", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-42305 is fixed in version 0.25.2.post4+tuxcare of dulwich." }, "affects": [ { "ref": "pkg:pypi/dulwich@0.25.2.post4+tuxcare" } ] }, { "bom-ref": "urn:uuid:151ce6b7-67ae-5bde-a303-711ee4822e8c", "id": "CVE-2026-42563", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-42563 is fixed in version 0.25.2.post4+tuxcare of dulwich." }, "affects": [ { "ref": "pkg:pypi/dulwich@0.25.2.post4+tuxcare" } ] }, { "bom-ref": "urn:uuid:47de35c0-e8e6-5afc-a104-9d54c09407c0", "id": "CVE-2026-47712", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47712 affects version 0.25.2.post4+tuxcare of dulwich." }, "affects": [ { "ref": "pkg:pypi/dulwich@0.25.2.post4+tuxcare" } ] }, { "bom-ref": "urn:uuid:d5bf2a51-304f-5fd5-a377-f0a39b8f0fce", "id": "CVE-2026-47734", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-47734 is fixed in version 0.25.2.post4+tuxcare of dulwich." }, "affects": [ { "ref": "pkg:pypi/dulwich@0.25.2.post4+tuxcare" } ] } ], "dependencies": [ { "ref": "pkg:pypi/dulwich@0.25.2.post4+tuxcare" } ] }