{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e9b87357-5b5a-53f1-b993-8e4a0fe60cdc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/axios@0.27.2", "type": "library", "name": "axios", "version": "0.27.2", "purl": "pkg:npm/axios@0.27.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:71262d12-9133-5924-8409-83538e0e2b09", "id": "CVE-2024-39338", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-39338 affects version 0.27.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2" } ] }, { "bom-ref": "urn:uuid:9b318014-209f-5493-aa3e-0a11e6ccbd8d", "id": "CVE-2025-62718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-62718 affects version 0.27.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2" } ] }, { "bom-ref": "urn:uuid:5cfa0a00-591e-55a4-8467-1a3aa8350e11", "id": "CVE-2026-39865", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39865 affects version 0.27.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2" } ] }, { "bom-ref": "urn:uuid:b284f2fa-b4cd-5b06-a40f-d370d3340f0e", "id": "CVE-2026-40175", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40175 affects version 0.27.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2" } ] }, { "bom-ref": "urn:uuid:156c89b8-ef7d-5282-b5f7-0676160ff697", "id": "CVE-2026-42033", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42033 affects version 0.27.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2" } ] }, { "bom-ref": "urn:uuid:f0066fb8-c981-57e3-9409-e35695f3edd0", "id": "CVE-2026-42034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42034 affects version 0.27.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2" } ] }, { "bom-ref": "urn:uuid:5caf2dc0-20da-5d8a-9260-a5145be8b6f2", "id": "CVE-2026-42035", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42035 affects version 0.27.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2" } ] }, { "bom-ref": "urn:uuid:f57160a5-3795-5448-94bb-16c7da6fbcd0", "id": "CVE-2026-42036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42036 affects version 0.27.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2" } ] }, { "bom-ref": "urn:uuid:7fb6939a-3d92-5fe7-b2ae-1d84a8c1aa79", "id": "CVE-2026-42038", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42038 affects version 0.27.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2" } ] }, { "bom-ref": "urn:uuid:a5e5dbd7-0dba-5989-8a67-60114ee617b9", "id": "CVE-2026-42039", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42039 affects version 0.27.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2" } ] }, { "bom-ref": "urn:uuid:4d4dd3ce-f266-5e77-9600-3920912618a3", "id": "CVE-2026-42040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42040 affects version 0.27.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2" } ] }, { "bom-ref": "urn:uuid:e0d98d6c-8d03-590c-955b-d9f641a6ef69", "id": "CVE-2026-42041", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42041 affects version 0.27.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2" } ] }, { "bom-ref": "urn:uuid:d3fb0ee1-4e05-58a7-9a40-ab63c3fbe6da", "id": "CVE-2026-42042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42042 affects version 0.27.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2" } ] }, { "bom-ref": "urn:uuid:0d0c8259-417d-5ab0-8bf5-17933b3328c6", "id": "CVE-2026-42043", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42043 affects version 0.27.2 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.27.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/axios@0.27.2" } ] }