{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6ca51771-e4a4-583c-a2b7-bacb04288e77", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/axios@0.21.1", "type": "library", "name": "axios", "version": "0.21.1", "purl": "pkg:npm/axios@0.21.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8fbe6db5-6f99-59ec-a806-37faa69a8981", "id": "CVE-2021-3749", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-3749 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:29216335-4215-5441-96df-6c9b18c58458", "id": "CVE-2023-45857", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-45857 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:7538f208-8734-5e86-9ed9-cdfd84916524", "id": "CVE-2024-39338", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-39338 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:58559e70-1ed2-5967-bcd2-6b883cca9442", "id": "CVE-2025-27152", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27152 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:5c186518-329d-5938-8f65-74739fbc8234", "id": "CVE-2025-62718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-62718 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:9c1ac687-c94e-5ee1-a6c0-a1e819e2f8b2", "id": "CVE-2026-25639", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25639 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:fb3f86dc-5990-5733-826b-a6486c0d3e02", "id": "CVE-2026-40175", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40175 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:a3bb2aa8-3d5c-59cf-8f14-db5695c0affc", "id": "CVE-2026-42033", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42033 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:adedfec4-f84c-5c87-bc6b-50bb90d97ce3", "id": "CVE-2026-42034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42034 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:fcee0b64-d7d1-5a69-9e46-e6d58d09e3fa", "id": "CVE-2026-42035", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42035 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:6b2e00aa-b69b-598d-9189-68fa860b06d1", "id": "CVE-2026-42036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42036 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:e5534588-c1ce-5469-bbbe-4d1ebc87147f", "id": "CVE-2026-42038", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42038 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:0f40559a-e393-56c9-b11f-604060fb2ad7", "id": "CVE-2026-42039", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42039 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:e7d134cf-f74a-5aa4-9eb9-95a9dfba853c", "id": "CVE-2026-42040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42040 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:448e4b93-5c6f-549b-b2db-0e108fc36364", "id": "CVE-2026-42041", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42041 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:b16688ca-202d-5012-83fe-de126f19c41b", "id": "CVE-2026-42042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42042 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] }, { "bom-ref": "urn:uuid:e9ae5dd1-72cc-5900-a90d-3eb15fb95001", "id": "CVE-2026-42043", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42043 affects version 0.21.1 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.21.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/axios@0.21.1" } ] }