{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ffded299-745a-5265-9a61-ca3121484abf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:pypi/urllib3@2.0.7", "type": "library", "name": "urllib3", "version": "2.0.7", "purl": "pkg:pypi/urllib3@2.0.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7e75fa7d-4124-58a6-b66b-a6200856ddfc", "id": "CVE-2024-37891", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-37891 affects version 2.0.7 of urllib3." }, "affects": [ { "ref": "pkg:pypi/urllib3@2.0.7" } ] }, { "bom-ref": "urn:uuid:6ce0f0ac-e4f5-5cc3-b914-4b8f2c506446", "id": "CVE-2025-66418", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66418 affects version 2.0.7 of urllib3." }, "affects": [ { "ref": "pkg:pypi/urllib3@2.0.7" } ] }, { "bom-ref": "urn:uuid:43479675-d93a-52f7-b3d7-40a8769c6521", "id": "CVE-2025-66471", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66471 affects version 2.0.7 of urllib3." }, "affects": [ { "ref": "pkg:pypi/urllib3@2.0.7" } ] }, { "bom-ref": "urn:uuid:e4293968-bf0e-5192-869f-5ede9720a754", "id": "CVE-2026-21441", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-21441 affects version 2.0.7 of urllib3." }, "affects": [ { "ref": "pkg:pypi/urllib3@2.0.7" } ] }, { "bom-ref": "urn:uuid:9a6601a6-8d14-5bea-862f-d3487a286153", "id": "CVE-2026-44431", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44431 affects version 2.0.7 of urllib3." }, "affects": [ { "ref": "pkg:pypi/urllib3@2.0.7" } ] } ], "dependencies": [ { "ref": "pkg:pypi/urllib3@2.0.7" } ] }