{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5ba3936d-8aed-5118-9215-0a0a51f9c9ba", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/grunt-karma@4.0.1", "type": "library", "name": "grunt-karma", "version": "4.0.1", "purl": "pkg:npm/grunt-karma@4.0.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:caee147a-0763-58ee-832a-14ed9f0fb1ff", "id": "CVE-2020-7793", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7793 affects version 4.0.1 of grunt-karma." }, "affects": [ { "ref": "pkg:npm/grunt-karma@4.0.1" } ] }, { "bom-ref": "urn:uuid:a11d0ecd-f1b5-5f7a-9e53-2fce5c048f0d", "id": "CVE-2021-23495", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23495 affects version 4.0.1 of grunt-karma." }, "affects": [ { "ref": "pkg:npm/grunt-karma@4.0.1" } ] }, { "bom-ref": "urn:uuid:77703558-93a5-524a-b0a8-b49bd0890ebe", "id": "CVE-2021-27292", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27292 affects version 4.0.1 of grunt-karma." }, "affects": [ { "ref": "pkg:npm/grunt-karma@4.0.1" } ] }, { "bom-ref": "urn:uuid:a9721f54-2328-5357-90ae-654eb435694c", "id": "CVE-2022-0437", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0437 affects version 4.0.1 of grunt-karma." }, "affects": [ { "ref": "pkg:npm/grunt-karma@4.0.1" } ] }, { "bom-ref": "urn:uuid:4bc07f1f-f1c2-54de-a254-5acc7c253a64", "id": "CVE-2025-54798", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-54798 affects version 4.0.1 of grunt-karma." }, "affects": [ { "ref": "pkg:npm/grunt-karma@4.0.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/grunt-karma@4.0.1" } ] }