{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:481915e2-67c5-54b4-8b8c-1230d9e676dc",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:npm/basic-auth-connect@1.0.0",
      "type": "library",
      "name": "basic-auth-connect",
      "version": "1.0.0",
      "purl": "pkg:npm/basic-auth-connect@1.0.0"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:df86673a-06d7-589f-9f2c-babe522d38ed",
      "id": "CVE-2016-2515",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-2515 affects version 1.0.0 of basic-auth-connect."
      },
      "affects": [
        {
          "ref": "pkg:npm/basic-auth-connect@1.0.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:454a7d1a-f3f6-5747-8248-580b231ce9ea",
      "id": "CVE-2017-20162",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2017-20162 affects version 1.0.0 of basic-auth-connect."
      },
      "affects": [
        {
          "ref": "pkg:npm/basic-auth-connect@1.0.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:faa82311-0aab-5b27-af2c-a4c83923f807",
      "id": "CVE-2018-3739",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2018-3739 affects version 1.0.0 of basic-auth-connect."
      },
      "affects": [
        {
          "ref": "pkg:npm/basic-auth-connect@1.0.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1ef05f5c-6438-506f-ae07-e3afea845fc2",
      "id": "CVE-2021-33623",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-33623 affects version 1.0.0 of basic-auth-connect."
      },
      "affects": [
        {
          "ref": "pkg:npm/basic-auth-connect@1.0.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:041f49b6-718c-591a-8050-d2aa88c49ec0",
      "id": "CVE-2022-29167",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2022-29167 affects version 1.0.0 of basic-auth-connect."
      },
      "affects": [
        {
          "ref": "pkg:npm/basic-auth-connect@1.0.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d8707c68-1e8a-5959-8b34-27465942ae31",
      "id": "GHSA-pc5p-h8pf-mvwp",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-pc5p-h8pf-mvwp affects version 1.0.0 of basic-auth-connect."
      },
      "affects": [
        {
          "ref": "pkg:npm/basic-auth-connect@1.0.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:32a8ea8a-0064-5a0d-8d41-c2e3f42e6e84",
      "id": "GHSA-qrg3-f6h6-vq8q",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability GHSA-qrg3-f6h6-vq8q is a false positive for basic-auth-connect 1.0.0."
      },
      "affects": [
        {
          "ref": "pkg:npm/basic-auth-connect@1.0.0"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:npm/basic-auth-connect@1.0.0"
    }
  ]
}