{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:81f51631-94fa-5c21-a6a1-55bfa3535c7c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/karma@4.1.0-tuxcare.2", "type": "library", "name": "karma", "version": "4.1.0-tuxcare.2", "purl": "pkg:npm/karma@4.1.0-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7241a556-21b9-550e-b839-315fe5f5ff70", "id": "CVE-2021-23495", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23495 affects version 4.1.0-tuxcare.2 of karma." }, "affects": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:518abf2f-02e2-5355-a33f-7346d015a078", "id": "CVE-2021-23807", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-23807 is fixed in version 4.1.0-tuxcare.2 of karma." }, "affects": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:506a9aef-6afd-5be2-87f5-bcc418f8ebc1", "id": "CVE-2022-0437", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0437 affects version 4.1.0-tuxcare.2 of karma." }, "affects": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e53968b6-d37a-59dc-a4bf-02fe7c91d2ca", "id": "CVE-2024-37890", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-37890 is fixed in version 4.1.0-tuxcare.2 of karma." }, "affects": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5c86a73-a988-5dbd-ac46-c72dc115c90b", "id": "CVE-2025-64718", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-64718 is fixed in version 4.1.0-tuxcare.2 of karma." }, "affects": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.2" } ] }