{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:06c2edd7-359a-5006-b45d-d1b846259ccd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/axios@1.7.7", "type": "library", "name": "axios", "version": "1.7.7", "purl": "pkg:npm/axios@1.7.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7006fd87-3e50-5662-a6eb-016c41cef287", "id": "CVE-2025-27152", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27152 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:77276684-870f-5458-9940-7c56e94f5615", "id": "CVE-2025-58754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58754 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:a9f43f6f-eaa8-55c4-8596-1b2c17d37a19", "id": "CVE-2025-62718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-62718 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:5a65fe3d-41ea-5e17-ae8d-d33a1455de29", "id": "CVE-2026-25639", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25639 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:55535140-d1ae-5139-b74f-91234dfc5d77", "id": "CVE-2026-40175", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40175 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:bcf24f22-2d09-58e7-b573-7fe5ebee3aa1", "id": "CVE-2026-42033", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42033 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:c7ef6c86-a8b1-5381-a872-3e41a61fa40f", "id": "CVE-2026-42034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42034 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:41c40631-f027-55a6-9de4-41a77b40e9ab", "id": "CVE-2026-42035", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42035 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:1a01dabb-cfdc-53fe-bc2a-b8ca05f69556", "id": "CVE-2026-42036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42036 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:314d93d7-b628-5bd6-9e86-3439d95b767e", "id": "CVE-2026-42037", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42037 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:7897130a-557b-5022-adf5-4e13ffbf233b", "id": "CVE-2026-42038", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42038 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:1e5b0c89-bf7f-5f62-a446-c0d3993f44bc", "id": "CVE-2026-42039", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42039 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:16efec25-5123-5b01-a14d-037edd3be031", "id": "CVE-2026-42040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42040 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:f3a9ecaa-d3e8-5e86-9401-4c38d10d8535", "id": "CVE-2026-42041", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42041 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:9fe24a3c-1cbd-5524-8fe4-93634152c69c", "id": "CVE-2026-42042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42042 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:a4b82e23-a053-5b00-a618-91078b184aa7", "id": "CVE-2026-42043", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42043 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:ca2e08f4-2ed0-513e-b07a-428ebf751ff0", "id": "CVE-2026-42044", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42044 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] }, { "bom-ref": "urn:uuid:6bd3cd3e-dfcd-54fd-96ce-02d2ace478d9", "id": "CVE-2026-42264", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42264 affects version 1.7.7 of axios." }, "affects": [ { "ref": "pkg:npm/axios@1.7.7" } ] } ], "dependencies": [ { "ref": "pkg:npm/axios@1.7.7" } ] }