{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:943f63ee-879e-5b74-b228-aeb69b8a3ebd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:pypi/tornado@5.1.1", "type": "library", "name": "tornado", "version": "5.1.1", "purl": "pkg:pypi/tornado@5.1.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:68266c6c-2172-53e1-b26c-ae2381ce82a1", "id": "CVE-2023-28370", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-28370 affects version 5.1.1 of tornado." }, "affects": [ { "ref": "pkg:pypi/tornado@5.1.1" } ] }, { "bom-ref": "urn:uuid:3178c117-62b3-5c85-ba69-d273163e6fb9", "id": "CVE-2026-31958", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-31958 affects version 5.1.1 of tornado." }, "affects": [ { "ref": "pkg:pypi/tornado@5.1.1" } ] }, { "bom-ref": "urn:uuid:46bd35c4-3af7-5864-9793-429bc3bce9de", "id": "CVE-2026-35536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-35536 affects version 5.1.1 of tornado." }, "affects": [ { "ref": "pkg:pypi/tornado@5.1.1" } ] }, { "bom-ref": "urn:uuid:80aab845-2a71-5386-bce3-09296e85e8b0", "id": "CVE-2026-49853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-49853 affects version 5.1.1 of tornado." }, "affects": [ { "ref": "pkg:pypi/tornado@5.1.1" } ] }, { "bom-ref": "urn:uuid:eff5c812-205a-5556-b746-e3aa77f9e3cd", "id": "CVE-2026-49854", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-49854 affects version 5.1.1 of tornado." }, "affects": [ { "ref": "pkg:pypi/tornado@5.1.1" } ] }, { "bom-ref": "urn:uuid:589f2d1b-2daf-5276-855d-146831839da3", "id": "CVE-2026-49855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-49855 affects version 5.1.1 of tornado." }, "affects": [ { "ref": "pkg:pypi/tornado@5.1.1" } ] }, { "bom-ref": "urn:uuid:27c46516-e7a1-5e1b-9082-c8d1b2f948d2", "id": "GHSA-753j-mpmx-qq6g", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-753j-mpmx-qq6g affects version 5.1.1 of tornado." }, "affects": [ { "ref": "pkg:pypi/tornado@5.1.1" } ] }, { "bom-ref": "urn:uuid:edc631f6-eb09-552d-ae59-908779c928cd", "id": "GHSA-78cv-mqj4-43f7", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-78cv-mqj4-43f7 affects version 5.1.1 of tornado." }, "affects": [ { "ref": "pkg:pypi/tornado@5.1.1" } ] }, { "bom-ref": "urn:uuid:eff28f5d-998b-51ea-9d5c-bf9365dd65a2", "id": "GHSA-pw6j-qg29-8w7f", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-pw6j-qg29-8w7f affects version 5.1.1 of tornado." }, "affects": [ { "ref": "pkg:pypi/tornado@5.1.1" } ] }, { "bom-ref": "urn:uuid:fad4d001-5b0b-5af7-9e2b-660db0352b35", "id": "GHSA-qppv-j76h-2rpx", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-qppv-j76h-2rpx affects version 5.1.1 of tornado." }, "affects": [ { "ref": "pkg:pypi/tornado@5.1.1" } ] }, { "bom-ref": "urn:uuid:ba526779-28d4-5ca2-8203-a889c5769f47", "id": "GHSA-w235-7p84-xx57", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-w235-7p84-xx57 affects version 5.1.1 of tornado." }, "affects": [ { "ref": "pkg:pypi/tornado@5.1.1" } ] } ], "dependencies": [ { "ref": "pkg:pypi/tornado@5.1.1" } ] }