{ "bomFormat": "CycloneDX", "specVersion": "1.4", "version": 1, "serialNumber": "urn:uuid:9dfaddaa-1809-441c-83df-604b34fcbf52", "metadata": { "timestamp": "2026-04-03T10:55:28.164174+00:00", "properties": [ { "name": "sbom_type", "value": "runtime_only" } ], "tools": [ { "vendor": "TII", "name": "sbomnix", "version": "1.7.4" } ], "component": { "type": "library", "bom-ref": "/nix/store/k3rqcvv64gw87srr1lgflpgy9x1bwxb0-cosmian-kms-server-5.20.0.drv", "name": "cosmian-kms-server", "version": "5.20.0", "purl": "pkg:nix/cosmian-kms-server@5.20.0", "cpe": "cpe:2.3:a:cosmian-kms-server:cosmian-kms-server:5.20.0:*:*:*:*:*:*:*", "properties": [ { "name": "nix:output_path", "value": "/nix/store/2d7bm5xp8y5m96b9g5q9psh2p41ildnq-cosmian-kms-server-5.20.0" }, { "name": "nix:drv_path", "value": "/nix/store/k3rqcvv64gw87srr1lgflpgy9x1bwxb0-cosmian-kms-server-5.20.0.drv" } ] } }, "components": [ { "type": "library", "bom-ref": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", "name": "glibc", "version": "2.34-210", "purl": "pkg:nix/glibc@2.34-210", "cpe": "cpe:2.3:a:glibc:glibc:2.34-210:*:*:*:*:*:*:*", "properties": [ { "name": "nix:output_path", "value": "/nix/store/b2hc0i92l22ir2kavnjn3z5z6mzabbvm-glibc-2.34-210" }, { "name": "nix:drv_path", "value": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv" } ] }, { "type": "library", "bom-ref": "/nix/store/k579w215al09ygy03k53sx28af8cq749-libidn2-2.3.2.drv", "name": "libidn2", "version": "2.3.2", "purl": "pkg:nix/libidn2@2.3.2", "cpe": "cpe:2.3:a:gnu:libidn2:2.3.2:*:*:*:*:*:*:*", "properties": [ { "name": "nix:output_path", "value": "/nix/store/9jqiw71lq60sdpiniywq3msknf3wmd9c-libidn2-2.3.2" }, { "name": "nix:drv_path", "value": "/nix/store/k579w215al09ygy03k53sx28af8cq749-libidn2-2.3.2.drv" } ] }, { "type": "library", "bom-ref": "/nix/store/f4gxp7xg2w1y7i9cr1844a2jfb8d3yrk-libunistring-1.0.drv", "name": "libunistring", "version": "1.0", "purl": "pkg:nix/libunistring@1.0", "cpe": "cpe:2.3:a:libunistring:libunistring:1.0:*:*:*:*:*:*:*", "properties": [ { "name": "nix:output_path", "value": "/nix/store/gfqwbax0x58mjnh89ca6milx41bw49lr-libunistring-1.0" }, { "name": "nix:drv_path", "value": "/nix/store/f4gxp7xg2w1y7i9cr1844a2jfb8d3yrk-libunistring-1.0.drv" } ] }, { "type": "library", "bom-ref": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv", "name": "openssl", "version": "3.6.0", "purl": "pkg:nix/openssl@3.6.0", "cpe": "cpe:2.3:a:openssl:openssl:3.6.0:*:*:*:*:*:*:*", "properties": [ { "name": "nix:output_path", "value": "/nix/store/1ffcpid8inwxv6isn3dsg61xcijrhj3f-openssl-3.6.0" }, { "name": "nix:drv_path", "value": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv" } ] } ], "dependencies": [ { "ref": "/nix/store/k3rqcvv64gw87srr1lgflpgy9x1bwxb0-cosmian-kms-server-5.20.0.drv", "dependsOn": [ "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv" ] }, { "ref": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", "dependsOn": [ "/nix/store/k579w215al09ygy03k53sx28af8cq749-libidn2-2.3.2.drv" ] }, { "ref": "/nix/store/k579w215al09ygy03k53sx28af8cq749-libidn2-2.3.2.drv", "dependsOn": [ "/nix/store/f4gxp7xg2w1y7i9cr1844a2jfb8d3yrk-libunistring-1.0.drv" ] }, { "ref": "/nix/store/f4gxp7xg2w1y7i9cr1844a2jfb8d3yrk-libunistring-1.0.drv" }, { "ref": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv", "dependsOn": [ "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv" ] } ], "vulnerabilities": [ { "bom-ref": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", "id": "CVE-2023-0687", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0687", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0687", "name": "NVD" }, "score": 4.6 } ], "tools": [ { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", "id": "CVE-2023-4813", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4813", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4813", "name": "NVD" }, "score": 5.9 } ], "tools": [ { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", "id": "CVE-2024-33600", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33600", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33600", "name": "NVD" }, "score": 5.9 } ], "tools": [ { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", "id": "CVE-2024-33601", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33601", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33601", "name": "NVD" }, "score": 7.3 } ], "tools": [ { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", "id": "CVE-2024-33602", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33602", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33602", "name": "NVD" }, "score": 7.4 } ], "tools": [ { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", "id": "CVE-2021-3998", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3998", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3998", "name": "NVD" }, "score": 7.5 } ], "tools": [ { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", "id": "CVE-2023-5156", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5156", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5156", "name": "NVD" }, "score": 7.5 } ], "tools": [ { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", "id": "CVE-2025-15281", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15281", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15281", "name": "NVD" }, "score": 7.5 } ], "tools": [ { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", "id": "CVE-2026-0915", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0915", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0915", "name": "NVD" }, "score": 7.5 } ], "tools": [ { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", "id": "CVE-2023-4911", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4911", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4911", "name": "NVD" }, "score": 7.8 } ], "tools": [ { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", "id": "CVE-2025-4802", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4802", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4802", "name": "NVD" }, "score": 7.8 } ], "tools": [ { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", "id": "CVE-2024-33599", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33599", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33599", "name": "NVD" }, "score": 8.1 } ], "tools": [ { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", "id": "CVE-2026-0861", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0861", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0861", "name": "NVD" }, "score": 8.4 } ], "tools": [ { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv", "id": "CVE-2025-69418", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69418", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69418", "name": "NVD" }, "score": 4.0 } ], "tools": [ { "name": "grype" }, { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv", "id": "CVE-2025-68160", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68160", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68160", "name": "NVD" }, "score": 4.7 } ], "tools": [ { "name": "grype" }, { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv", "id": "CVE-2026-22796", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22796", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22796", "name": "NVD" }, "score": 5.3 } ], "tools": [ { "name": "grype" }, { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv", "id": "CVE-2025-15469", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15469", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15469", "name": "NVD" }, "score": 5.5 } ], "tools": [ { "name": "grype" }, { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv", "id": "CVE-2026-22795", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22795", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22795", "name": "NVD" }, "score": 5.5 } ], "tools": [ { "name": "grype" }, { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv", "id": "CVE-2025-15468", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15468", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15468", "name": "NVD" }, "score": 5.9 } ], "tools": [ { "name": "grype" }, { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv", "id": "CVE-2025-66199", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66199", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66199", "name": "NVD" }, "score": 5.9 } ], "tools": [ { "name": "grype" }, { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv", "id": "CVE-2025-11187", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11187", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11187", "name": "NVD" }, "score": 6.1 } ], "tools": [ { "name": "grype" }, { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv", "id": "CVE-2025-69419", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69419", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69419", "name": "NVD" }, "score": 7.4 } ], "tools": [ { "name": "grype" }, { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv", "id": "CVE-2025-69420", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69420", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69420", "name": "NVD" }, "score": 7.5 } ], "tools": [ { "name": "grype" }, { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv", "id": "CVE-2025-69421", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69421", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69421", "name": "NVD" }, "score": 7.5 } ], "tools": [ { "name": "grype" }, { "name": "vulnix" } ] }, { "bom-ref": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv", "id": "CVE-2026-2673", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2673", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2673", "name": "NVD" }, "score": 7.5 } ], "tools": [ { "name": "grype" } ] }, { "bom-ref": "/nix/store/6vbdsrm7rs8z2bsghixrdic0mmlx0f3r-openssl-3.6.0.drv", "id": "CVE-2025-15467", "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467", "name": "NVD" }, "ratings": [ { "source": { "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467", "name": "NVD" }, "score": 8.8 } ], "tools": [ { "name": "grype" }, { "name": "vulnix" } ] } ] }