{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e76e35cb-101e-56a2-9a9a-75d9827fc955", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/axios@0.19.2", "type": "library", "name": "axios", "version": "0.19.2", "purl": "pkg:npm/axios@0.19.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:148be276-a9cf-5f84-a037-54fbd02ee495", "id": "CVE-2020-28168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-28168 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:0c0771be-723c-5ebf-8ead-5891f5469740", "id": "CVE-2021-3749", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-3749 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:f64db0c5-929a-5f1e-8746-d001bca75cca", "id": "CVE-2023-45857", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-45857 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:64a4a55e-d19c-51b2-920e-2260fa8975df", "id": "CVE-2024-39338", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-39338 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:06509233-60a6-5550-8595-0ba577f87d5f", "id": "CVE-2025-27152", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27152 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:4f20cc4e-c37e-56df-b65a-7eaed3fafce2", "id": "CVE-2025-62718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-62718 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:31865805-c557-5848-8ba9-3388051dc204", "id": "CVE-2026-25639", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25639 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:17e05e52-6f86-5fe5-89b0-a58d88d7f23a", "id": "CVE-2026-40175", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40175 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:a8f818f8-5369-50c9-8e5f-21b71a2c6891", "id": "CVE-2026-42033", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42033 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:ac88990a-4568-5ac1-965f-622ec78ec482", "id": "CVE-2026-42034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42034 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:39b77391-1967-5682-9a23-47b7125bf2c6", "id": "CVE-2026-42035", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42035 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:db9bb4e4-f478-5325-9e1e-66bf698239db", "id": "CVE-2026-42036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42036 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:012f83ef-3e8b-5673-a7b9-b41b5fc3e8d8", "id": "CVE-2026-42038", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42038 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:59153c00-a8c4-5d80-a666-56d577eb20d0", "id": "CVE-2026-42039", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42039 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:9b29394b-5149-5199-af26-97fa162a5f20", "id": "CVE-2026-42040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42040 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:296d633c-1891-57cd-af70-adcc47218eba", "id": "CVE-2026-42041", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42041 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:e5332486-aed1-5309-b170-2929326ff013", "id": "CVE-2026-42042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42042 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] }, { "bom-ref": "urn:uuid:fa5cf597-40a6-55f7-888e-b20e3666d488", "id": "CVE-2026-42043", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42043 affects version 0.19.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.19.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/axios@0.19.2" } ] }