{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c18d32e1-63c9-5c9c-9769-eb343c97b0c9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/karma@1.5.0", "type": "library", "name": "karma", "version": "1.5.0", "purl": "pkg:npm/karma@1.5.0" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:15df1eaa-dbee-54bb-87d3-3d4d239933b6", "id": "CVE-2020-28481", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-28481 affects version 1.5.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.5.0" } ] }, { "bom-ref": "urn:uuid:95f1a3e1-303b-5e3f-aa04-7e27e68cd7ef", "id": "CVE-2020-36048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-36048 affects version 1.5.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.5.0" } ] }, { "bom-ref": "urn:uuid:07828410-e4ff-5125-997d-9c7afb903ee3", "id": "CVE-2020-36049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-36049 affects version 1.5.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.5.0" } ] }, { "bom-ref": "urn:uuid:7d9cb6cb-e121-517c-a2d4-79863a437779", "id": "CVE-2021-23495", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23495 affects version 1.5.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.5.0" } ] }, { "bom-ref": "urn:uuid:1910e39a-15c7-5195-b2e1-79fc546c9aef", "id": "CVE-2022-0437", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0437 affects version 1.5.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.5.0" } ] }, { "bom-ref": "urn:uuid:30b06008-8238-503f-989f-58d649d83d79", "id": "CVE-2022-21704", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-21704 affects version 1.5.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.5.0" } ] }, { "bom-ref": "urn:uuid:8e943213-48b8-5f72-af31-225dad22f6ce", "id": "CVE-2022-2421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2421 affects version 1.5.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.5.0" } ] }, { "bom-ref": "urn:uuid:24062be8-9985-57a6-88c9-5d4f7f4fc045", "id": "CVE-2022-41940", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41940 affects version 1.5.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.5.0" } ] }, { "bom-ref": "urn:uuid:7000f38b-a714-55bd-9a99-ce90a9c5d543", "id": "CVE-2023-32695", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-32695 affects version 1.5.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.5.0" } ] }, { "bom-ref": "urn:uuid:cfb22f08-ed2a-53f1-8fb8-336d4950d5c2", "id": "CVE-2024-38355", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38355 affects version 1.5.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.5.0" } ] }, { "bom-ref": "urn:uuid:80e9e2e2-d359-5e4d-a754-2e6da052b366", "id": "CVE-2025-54798", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-54798 affects version 1.5.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.5.0" } ] }, { "bom-ref": "urn:uuid:6b7fc46f-8054-579e-82fe-a13fbd6d2ad9", "id": "CVE-2026-33151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33151 affects version 1.5.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.5.0" } ] } ], "dependencies": [ { "ref": "pkg:npm/karma@1.5.0" } ] }