{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0ac3933e-0ed3-58b4-bda8-46f602e03b2d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:pypi/pip@9.0", "type": "library", "name": "pip", "version": "9.0", "purl": "pkg:pypi/pip@9.0" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7fe7363a-3dba-55fb-8421-ae6bee9e80aa", "id": "CVE-2021-3572", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-3572 affects version 9.0 of pip." }, "affects": [ { "ref": "pkg:pypi/pip@9.0" } ] }, { "bom-ref": "urn:uuid:7b3e4b54-4f24-560f-be3e-72ebc5d03691", "id": "CVE-2023-5752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-5752 affects version 9.0 of pip." }, "affects": [ { "ref": "pkg:pypi/pip@9.0" } ] }, { "bom-ref": "urn:uuid:79ad7c08-7d94-5a3f-8792-741ca075f720", "id": "CVE-2025-8869", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-8869 affects version 9.0 of pip." }, "affects": [ { "ref": "pkg:pypi/pip@9.0" } ] }, { "bom-ref": "urn:uuid:4a7e597a-f8b8-5507-be12-f67852ae0924", "id": "CVE-2026-1703", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1703 affects version 9.0 of pip." }, "affects": [ { "ref": "pkg:pypi/pip@9.0" } ] }, { "bom-ref": "urn:uuid:f9e75f68-43c9-51a7-b980-600da8e61b73", "id": "CVE-2026-3219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3219 affects version 9.0 of pip." }, "affects": [ { "ref": "pkg:pypi/pip@9.0" } ] }, { "bom-ref": "urn:uuid:63ce2084-4b90-5cea-a098-0127c682ca4e", "id": "CVE-2026-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-6357 affects version 9.0 of pip." }, "affects": [ { "ref": "pkg:pypi/pip@9.0" } ] } ], "dependencies": [ { "ref": "pkg:pypi/pip@9.0" } ] }