{
  "@context": "https://openvex.dev/ns/v0.2.0",
  "@id": "https://clearcutt.internal/vex/coreLTS-slim/v0.8.1",
  "author": "ClearCutt Security Platform Gating Engine",
  "role": "Document Creator",
  "timestamp": "2026-06-04T08:01:19Z",
  "version": 1,
  "statements": [
    {
      "vulnerability": {
        "name": "CVE-2025-60876"
      },
      "products": [
        {
          "@id": "pkg:nix/coreLTS-slim@v0.8.1"
        }
      ],
      "status": "not_affected",
      "justification": "vulnerable_code_not_in_execute_path",
      "impact_statement": "This comes from the underlying base image, so ClearCutt lists it but cannot update it from the runtime layer."
    },
    {
      "vulnerability": {
        "name": "CVE-2025-46394"
      },
      "products": [
        {
          "@id": "pkg:nix/coreLTS-slim@v0.8.1"
        }
      ],
      "status": "not_affected",
      "justification": "vulnerable_code_not_in_execute_path",
      "impact_statement": "This comes from the underlying base image, so ClearCutt lists it but cannot update it from the runtime layer."
    },
    {
      "vulnerability": {
        "name": "CVE-2024-58251"
      },
      "products": [
        {
          "@id": "pkg:nix/coreLTS-slim@v0.8.1"
        }
      ],
      "status": "not_affected",
      "justification": "vulnerable_code_not_in_execute_path",
      "impact_statement": "This comes from the underlying base image, so ClearCutt lists it but cannot update it from the runtime layer."
    }
  ]
}