{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7d449bab-2d61-58c7-8e9f-3eaafc76dda1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/karma@1.7.0", "type": "library", "name": "karma", "version": "1.7.0", "purl": "pkg:npm/karma@1.7.0" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2156de04-e47f-5c38-b7b1-a74ab8694a6d", "id": "CVE-2020-28481", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-28481 affects version 1.7.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.7.0" } ] }, { "bom-ref": "urn:uuid:61a73c8f-9e60-53d6-8aca-8f79142a81f1", "id": "CVE-2020-36048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-36048 affects version 1.7.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.7.0" } ] }, { "bom-ref": "urn:uuid:bc08639b-975a-5269-9c2a-57eea4717b83", "id": "CVE-2020-36049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-36049 affects version 1.7.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.7.0" } ] }, { "bom-ref": "urn:uuid:ef219aec-88e9-54f6-ac7d-597f536b46ee", "id": "CVE-2021-23495", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23495 affects version 1.7.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.7.0" } ] }, { "bom-ref": "urn:uuid:da8f7f04-17cf-5ee6-9e2c-98ca4eab1497", "id": "CVE-2022-0437", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0437 affects version 1.7.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.7.0" } ] }, { "bom-ref": "urn:uuid:9c06d4e4-3c12-54ac-a7e2-03412e35a4c3", "id": "CVE-2022-21704", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-21704 affects version 1.7.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.7.0" } ] }, { "bom-ref": "urn:uuid:3fa84741-337c-535a-9360-f8483f6c27e1", "id": "CVE-2022-2421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2421 affects version 1.7.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.7.0" } ] }, { "bom-ref": "urn:uuid:cd59ae96-c064-5228-b6f7-c65f9505174f", "id": "CVE-2022-41940", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41940 affects version 1.7.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.7.0" } ] }, { "bom-ref": "urn:uuid:093030b5-c4c0-5d15-9200-07de66de737a", "id": "CVE-2023-32695", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-32695 affects version 1.7.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.7.0" } ] }, { "bom-ref": "urn:uuid:22f04f70-78a8-5af4-969f-b3e813e974f4", "id": "CVE-2024-38355", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38355 affects version 1.7.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.7.0" } ] }, { "bom-ref": "urn:uuid:1df7d556-e9c2-59f1-855e-4027a23db1ae", "id": "CVE-2025-54798", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-54798 affects version 1.7.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.7.0" } ] }, { "bom-ref": "urn:uuid:5e24a2ed-f5d2-52f1-81cf-75c2556943c8", "id": "CVE-2026-33151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33151 affects version 1.7.0 of karma." }, "affects": [ { "ref": "pkg:npm/karma@1.7.0" } ] } ], "dependencies": [ { "ref": "pkg:npm/karma@1.7.0" } ] }