{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0bf992a9-475e-5f55-9605-e49485ceca13", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:pypi/numpy@1.15.4", "type": "library", "name": "numpy", "version": "1.15.4", "purl": "pkg:pypi/numpy@1.15.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b4519972-f07e-52b6-9da2-694ae8c2a808", "id": "CVE-2019-6446", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-6446 is fixed in version 1.15.4 of numpy." }, "affects": [ { "ref": "pkg:pypi/numpy@1.15.4" } ] }, { "bom-ref": "urn:uuid:ea997f8b-28e0-5be8-909b-fbce3171e8a7", "id": "CVE-2021-33430", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33430 affects version 1.15.4 of numpy." }, "affects": [ { "ref": "pkg:pypi/numpy@1.15.4" } ] }, { "bom-ref": "urn:uuid:8d852728-3fae-54f6-935b-2ad4936af9bb", "id": "CVE-2021-34141", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34141 is fixed in version 1.15.4 of numpy." }, "affects": [ { "ref": "pkg:pypi/numpy@1.15.4" } ] }, { "bom-ref": "urn:uuid:e22681e4-231d-5075-abd7-ce9670574d53", "id": "CVE-2021-41495", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41495 affects version 1.15.4 of numpy." }, "affects": [ { "ref": "pkg:pypi/numpy@1.15.4" } ] }, { "bom-ref": "urn:uuid:066f4c78-529f-5544-b945-6ce1f2f897c8", "id": "CVE-2021-41496", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41496 affects version 1.15.4 of numpy." }, "affects": [ { "ref": "pkg:pypi/numpy@1.15.4" } ] } ], "dependencies": [ { "ref": "pkg:pypi/numpy@1.15.4" } ] }