{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fa2523d0-6fdb-5271-a4da-8178ca4d25fd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/socket.io@2.1.1-tuxcare.1", "type": "library", "name": "socket.io", "version": "2.1.1-tuxcare.1", "purl": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d10df150-f9b2-5c68-88b9-7f5116dff8bb", "id": "CVE-2015-8860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-8860 is fixed in version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60cf70d4-d393-5c32-95a4-e8833b29af2c", "id": "CVE-2017-16137", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16137 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd564dfd-1ff0-51d1-a407-7af9e7bb9b49", "id": "CVE-2017-20165", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-20165 is fixed in version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7fc326f1-2fee-5f54-b3ec-83cb96503706", "id": "CVE-2018-20834", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-20834 is fixed in version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ccd78026-869c-5eaf-ad65-8d72006cb305", "id": "CVE-2020-28481", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-28481 is fixed in version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d717bd9-de77-5968-960c-0e8f1cc9e6eb", "id": "CVE-2020-28502", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-28502 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:07e6755c-d628-5e4f-a2f1-039d48dfd2c1", "id": "CVE-2020-36048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-36048 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf32dfdf-b35e-5e75-b7ad-46346cde843b", "id": "CVE-2020-36049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-36049 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f26a4d0-e10f-557e-b817-da6a94589fa7", "id": "CVE-2021-31597", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-31597 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2449dc02-4fa3-5107-a682-1963e8a4b4b4", "id": "CVE-2021-32804", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-32804 is fixed in version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f0e91f6-c069-5cd5-b115-c81d2307cba0", "id": "CVE-2021-37713", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37713 is fixed in version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:642d3144-4baa-51f6-b5fa-c1700e07f5d2", "id": "CVE-2022-2421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2421 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54112057-d3e3-5f4b-adbf-f78e40c81ebb", "id": "CVE-2022-41940", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41940 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:337cf9cc-a817-5cd5-99c0-8b39aa220aae", "id": "CVE-2023-32695", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-32695 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec3c7768-1990-57c0-8801-85e2e12b3071", "id": "CVE-2024-28863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-28863 is fixed in version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6679afc1-8e4f-5e24-b758-04daeee2d589", "id": "CVE-2024-36751", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-36751 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5207a40-fa45-5512-b639-0d10605588e7", "id": "CVE-2024-37890", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-37890 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba8fc20d-259f-5610-9071-dd9c1af449a5", "id": "CVE-2024-38355", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38355 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49567161-afdb-536c-8ffb-0003d3ebf9ea", "id": "CVE-2024-47764", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47764 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da2bbc08-0653-5480-ac87-c14513e817f7", "id": "CVE-2025-38355", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-38355 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2b4a2de-1d46-5742-9ad8-b490a91dcd58", "id": "CVE-2026-23745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23745 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:915d3108-cf5c-5116-9a04-7669bfbb84d3", "id": "CVE-2026-23950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23950 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85c85560-acaa-5431-bdb8-0ebbbac7d7b1", "id": "CVE-2026-24842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24842 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d5ad79a-ff21-5024-b682-43231bf9ea66", "id": "CVE-2026-26960", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-26960 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31afe433-296f-51b1-8f80-ccb83bda36b3", "id": "CVE-2026-29786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29786 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22746fc3-93cf-5b41-aad1-d7c00b11c2cc", "id": "CVE-2026-33151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33151 affects version 2.1.1-tuxcare.1 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.1" } ] }