{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:af0e5741-fca3-5443-adc9-4d9e857ed5be", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/axios@0.27.2-tuxcare.2", "type": "library", "name": "axios", "version": "0.27.2-tuxcare.2", "purl": "pkg:npm/axios@0.27.2-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e23f8dc8-4c63-5007-9556-33219491fad1", "id": "CVE-2023-45857", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45857 is fixed in version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80a481ac-8a41-5a4f-a363-9df6261efd4d", "id": "CVE-2024-39338", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-39338 affects version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:86ad0ec6-f5f1-52b7-a475-f8d9d7c2085b", "id": "CVE-2025-27152", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-27152 is fixed in version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:826d0020-2fe0-519f-957c-b37d62f1af72", "id": "CVE-2025-62718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-62718 affects version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4802038-34ad-516d-a375-f6e758e89c55", "id": "CVE-2026-25639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25639 is fixed in version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:03cb1abe-4a58-5f6d-accb-af3df89f8cdd", "id": "CVE-2026-39865", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39865 affects version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2419a7c9-ba50-53f9-be7b-cf81eaf06008", "id": "CVE-2026-40175", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40175 affects version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8fcf478b-0f34-5151-9cbf-d9b8da515df7", "id": "CVE-2026-42033", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42033 affects version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e175f99-c207-55ce-b848-046abc577fd7", "id": "CVE-2026-42034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42034 affects version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b101a8ad-ec80-5214-8f2a-63657f98adeb", "id": "CVE-2026-42035", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42035 affects version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bfde85c5-243f-551d-9fc5-d37b7553ce03", "id": "CVE-2026-42036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42036 affects version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:017958ec-2e6e-5967-a3aa-49929d20a38b", "id": "CVE-2026-42038", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42038 affects version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6b63466-56a5-5e51-91a5-d2cef054622d", "id": "CVE-2026-42039", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42039 affects version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bea10e27-b456-5097-9862-b0270871dc0f", "id": "CVE-2026-42040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42040 affects version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6833e093-d580-58f9-b5f3-f09372576aac", "id": "CVE-2026-42041", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42041 affects version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1abad096-5e40-560b-8301-aad8f5fa0753", "id": "CVE-2026-42042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42042 affects version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4718572-1335-52bd-bbc0-99e6dac954de", "id": "CVE-2026-42043", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42043 affects version 0.27.2-tuxcare.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/axios@0.27.2-tuxcare.2" } ] }