{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5f5ee1b3-3c7f-5098-85a8-183b7a2b9616", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/cross-spawn@5.1.0", "type": "library", "name": "cross-spawn", "version": "5.1.0", "purl": "pkg:npm/cross-spawn@5.1.0" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9905d3ff-aff7-57d7-837f-4d9669d9fe4f", "id": "CVE-2019-16769", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-16769 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:a30b0661-79f2-53c7-b74b-05fbac2dbc15", "id": "CVE-2020-15366", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15366 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:98ab8bdc-659c-5441-8911-a1d57541d1fc", "id": "CVE-2020-5284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5284 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:f989b9ce-475c-5f14-b340-6e4aa926634d", "id": "CVE-2020-7598", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7598 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:8ee71721-a95e-5a24-9b15-ece3ad411fbf", "id": "CVE-2020-7608", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7608 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:98cb3a70-4f86-5195-82bc-59b340e78440", "id": "CVE-2020-7660", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7660 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:8989a70d-6116-57c4-a1e0-7af8377f2729", "id": "CVE-2021-23424", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23424 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:8cda909d-da3f-589e-9e33-8c715c413a2d", "id": "CVE-2021-27290", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27290 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:0436d623-c581-5919-9122-1cd930859f6e", "id": "CVE-2021-37699", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37699 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:1757a4e6-f2da-56d1-a824-8e92b93cc075", "id": "CVE-2021-43803", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43803 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:49f08a89-a731-56c2-9338-34c94dad14d1", "id": "CVE-2021-44906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44906 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:9016d5cd-231d-5c0b-afb3-4290019f91b0", "id": "CVE-2022-0235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0235 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:ea8f328a-9fa8-5f7f-8612-cd26d6059982", "id": "CVE-2022-25883", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25883 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:31ef6eb7-e5ba-51b7-96a2-ccc2ddddc330", "id": "CVE-2022-33987", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-33987 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:7ae00549-5515-5115-a46b-0e1b2b80cab8", "id": "CVE-2022-37599", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-37599 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:7915fe32-aeec-5bd3-b91c-0c1dd3f884c7", "id": "CVE-2022-37601", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-37601 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:367dd747-544d-5450-bcfe-3962db2f38cf", "id": "CVE-2022-37603", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-37603 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:6599a2e1-ac00-5e83-9a3d-0f100eadfab3", "id": "CVE-2022-46175", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-46175 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:1bc593a0-97e2-5e48-b38e-7716765ab2e7", "id": "CVE-2023-45133", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-45133 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:4362af79-2fea-5073-8c4d-67a392958480", "id": "CVE-2023-46298", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46298 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:620dff06-909f-5641-a1bb-e0f59e386247", "id": "CVE-2024-29180", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29180 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:56a93ebc-c602-521d-a02e-0049bad26674", "id": "CVE-2024-4067", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4067 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:04f41c89-d090-50b1-824d-3bddce9ace40", "id": "CVE-2024-4068", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4068 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:1ed7ee30-7db0-5121-a341-9889d417ce6d", "id": "CVE-2024-43799", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-43799 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:64eb7ab5-18af-5845-b3cd-a58df81672eb", "id": "CVE-2024-45296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45296 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:cf88529d-e62b-5bce-85fe-2210ecfd1977", "id": "CVE-2025-14505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-14505 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:84ec266b-bab3-562d-a262-5f03f1dfac5b", "id": "CVE-2025-32421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-32421 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:e2880ade-5d87-5a61-98aa-49cde2f0012a", "id": "CVE-2025-55173", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55173 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:d127a3c5-8207-5220-b8a8-f0227efcca1d", "id": "CVE-2025-57352", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57352 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:f8593b43-e198-560d-8713-322afd1679f3", "id": "CVE-2025-57752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57752 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:e2e75e38-d625-5a96-8435-1fb2d440aad4", "id": "CVE-2025-57822", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57822 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:151c6d2a-35be-5e14-bd29-be774242390f", "id": "CVE-2026-2739", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2739 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:a41a6c36-f41c-5d04-bad5-758c6059a818", "id": "GHSA-4xcv-9jjx-gfj3", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-4xcv-9jjx-gfj3 affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:4600abbb-122d-5906-98fe-cf95e467b729", "id": "GHSA-5c6j-r48x-rmvq", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-5c6j-r48x-rmvq affects version 5.1.0 of cross-spawn." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }, { "bom-ref": "urn:uuid:5eaedc6d-15e6-5e02-8d35-b8f71a3c3742", "id": "GHSA-7fhm-mqm4-2wp7", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-7fhm-mqm4-2wp7 is a false positive for cross-spawn 5.1.0." }, "affects": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] } ], "dependencies": [ { "ref": "pkg:npm/cross-spawn@5.1.0" } ] }