{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a6d4de87-5175-5e6d-8d85-935d70c4781c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/lodash@3.2.0-tuxcare.2", "type": "library", "name": "lodash", "version": "3.2.0-tuxcare.2", "purl": "pkg:npm/lodash@3.2.0-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a95222f9-cf66-56dd-843f-ed547b9346e6", "id": "CVE-2016-10735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-10735 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f5ee530-f549-5068-9c28-c635752d6b35", "id": "CVE-2018-14040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-14040 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9549a638-2f7f-528d-8840-b1b80ae7f068", "id": "CVE-2018-14042", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-14042 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cef63186-2436-5912-b355-98f1efea04b6", "id": "CVE-2018-16487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-16487 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80a7854d-8212-5b23-b2f6-9737c6981bb5", "id": "CVE-2018-20676", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-20676 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:579c1a79-92fe-5d86-9b28-be7d4eca16db", "id": "CVE-2018-20677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-20677 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af4b2ac4-74c2-56af-b29e-f9918d3b22a9", "id": "CVE-2018-3721", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-3721 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2a0d052-cf40-505d-bc85-cc8b91173ebb", "id": "CVE-2019-10744", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10744 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4f04ec5-81fc-53bb-a729-1be566cf7f91", "id": "CVE-2019-14862", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-14862 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c25e9fe8-1eea-576d-9c76-dba5034fbb65", "id": "CVE-2019-8331", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-8331 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9534916e-9b9e-592e-a1ee-a1899e911261", "id": "CVE-2020-36049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-36049 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4772ae1c-6e96-5dd8-a3c0-ffe5ceb43583", "id": "CVE-2020-8203", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-8203 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cab6ae4a-947e-532a-bdd8-5d58c83d89e6", "id": "CVE-2021-23337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-23337 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea6e50f4-951f-5c9f-be06-51850dbfd120", "id": "CVE-2022-2421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-2421 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fcda8b70-6333-5baf-9148-13f2aa10164c", "id": "CVE-2023-32695", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-32695 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d1f6c46-b8b4-5481-aa99-054904de115a", "id": "CVE-2024-6484", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6484 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32358e89-f2e6-544b-82d3-8d24ba63d3b9", "id": "CVE-2024-6485", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6485 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4dedf979-7ccd-57f0-8eab-3c555ab42e38", "id": "CVE-2025-13465", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-13465 affects version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2af7b75d-b581-54cc-9d2d-56ac5582aa19", "id": "CVE-2026-2950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2950 affects version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3dd63539-4ce6-532c-a79f-4075b2ea8e67", "id": "CVE-2026-4800", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-4800 is fixed in version 3.2.0-tuxcare.2 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.2" } ] }