{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:976b8e43-2d7c-5541-8d19-55a857623052", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:pypi/torch@1.13.1", "type": "library", "name": "torch", "version": "1.13.1", "purl": "pkg:pypi/torch@1.13.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cb7815e9-8255-5aad-b27a-b85bbdf01e42", "id": "CVE-2024-31580", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-31580 is fixed in version 1.13.1 of torch." }, "affects": [ { "ref": "pkg:pypi/torch@1.13.1" } ] }, { "bom-ref": "urn:uuid:6c4db3d2-0eb1-5bbe-9ab3-dab0c31660fc", "id": "CVE-2024-31583", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-31583 is fixed in version 1.13.1 of torch." }, "affects": [ { "ref": "pkg:pypi/torch@1.13.1" } ] }, { "bom-ref": "urn:uuid:94cb9b8b-9c10-576b-a3fd-1a90529220ab", "id": "CVE-2024-7804", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-7804 is a false positive for torch 1.13.1." }, "affects": [ { "ref": "pkg:pypi/torch@1.13.1" } ] }, { "bom-ref": "urn:uuid:059869c0-bd8a-50e8-bfcb-3d2bd3e0ac2c", "id": "CVE-2025-2148", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-2148 affects version 1.13.1 of torch." }, "affects": [ { "ref": "pkg:pypi/torch@1.13.1" } ] }, { "bom-ref": "urn:uuid:18fce2f7-8478-5c1b-a362-cd11d9ffe010", "id": "CVE-2025-2149", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-2149 affects version 1.13.1 of torch." }, "affects": [ { "ref": "pkg:pypi/torch@1.13.1" } ] }, { "bom-ref": "urn:uuid:148c5b84-aa90-5e1c-b7f3-c397bf6bf17c", "id": "CVE-2025-2953", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-2953 affects version 1.13.1 of torch." }, "affects": [ { "ref": "pkg:pypi/torch@1.13.1" } ] }, { "bom-ref": "urn:uuid:050c3499-7843-5fd9-b368-c8789ee0b2e3", "id": "CVE-2025-2998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-2998 affects version 1.13.1 of torch." }, "affects": [ { "ref": "pkg:pypi/torch@1.13.1" } ] }, { "bom-ref": "urn:uuid:ea945c37-0f42-53a9-88d6-d733444ca3e6", "id": "CVE-2025-2999", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-2999 affects version 1.13.1 of torch." }, "affects": [ { "ref": "pkg:pypi/torch@1.13.1" } ] }, { "bom-ref": "urn:uuid:499e707a-94c0-5e64-bbdb-da43cedaa43f", "id": "CVE-2025-3000", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-3000 affects version 1.13.1 of torch." }, "affects": [ { "ref": "pkg:pypi/torch@1.13.1" } ] }, { "bom-ref": "urn:uuid:a0c5201d-f27e-5b7e-ab66-7c097f1c9c2f", "id": "CVE-2025-3001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-3001 affects version 1.13.1 of torch." }, "affects": [ { "ref": "pkg:pypi/torch@1.13.1" } ] }, { "bom-ref": "urn:uuid:3cbb5505-cacc-5436-9493-72cb4553909e", "id": "CVE-2025-32434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-32434 is fixed in version 1.13.1 of torch." }, "affects": [ { "ref": "pkg:pypi/torch@1.13.1" } ] }, { "bom-ref": "urn:uuid:97c1bc46-09be-5249-82c6-87cd2f74a719", "id": "CVE-2025-3730", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-3730 affects version 1.13.1 of torch." }, "affects": [ { "ref": "pkg:pypi/torch@1.13.1" } ] } ], "dependencies": [ { "ref": "pkg:pypi/torch@1.13.1" } ] }