{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8ff120bb-b7dc-5557-97c3-acb4635ae785", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/karma@4.1.0-tuxcare.3", "type": "library", "name": "karma", "version": "4.1.0-tuxcare.3", "purl": "pkg:npm/karma@4.1.0-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7c39a29d-5d14-5203-aa7b-c0410aaec74b", "id": "CVE-2021-23495", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23495 affects version 4.1.0-tuxcare.3 of karma." }, "affects": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ead6efa7-c5c8-5550-8e5b-afe84fa3752d", "id": "CVE-2021-23807", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-23807 is fixed in version 4.1.0-tuxcare.3 of karma." }, "affects": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b928376-06ec-5998-bc7e-1a183f6cdb1a", "id": "CVE-2022-0437", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0437 affects version 4.1.0-tuxcare.3 of karma." }, "affects": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b4a4e59-e901-556e-8141-3b15524854f2", "id": "CVE-2024-37890", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-37890 is fixed in version 4.1.0-tuxcare.3 of karma." }, "affects": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b2243025-eda4-5542-bbe0-b5e9c7008d7c", "id": "CVE-2025-64718", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-64718 is fixed in version 4.1.0-tuxcare.3 of karma." }, "affects": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.3" } ] }