{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7a4a637a-54ae-59a9-b560-d119d523c074", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/socket.io@2.1.1-tuxcare.2", "type": "library", "name": "socket.io", "version": "2.1.1-tuxcare.2", "purl": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6489aa55-3245-5a21-91fd-d847fd99005d", "id": "CVE-2015-8860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-8860 is fixed in version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39425684-2e1b-5e32-86da-7925f8027a9e", "id": "CVE-2017-16137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-16137 is fixed in version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2481142-1cc9-55a4-87c1-48bc0581ddd6", "id": "CVE-2017-20165", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-20165 is fixed in version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a2bd062-dfb0-5a46-8252-0dac7c823ce4", "id": "CVE-2018-20834", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-20834 is fixed in version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:912d0c24-0ee1-59ee-a33a-1167b0651a93", "id": "CVE-2020-28481", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-28481 is fixed in version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2554dd1-4dc3-5cbc-a32e-330c0eb80353", "id": "CVE-2020-28502", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-28502 affects version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58343793-3451-5a51-8ea7-fef06e4e9132", "id": "CVE-2020-36048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-36048 affects version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d2b73d3-cd14-5394-9d8d-12dfd27b4ba7", "id": "CVE-2020-36049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-36049 affects version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8c789da-4e3d-59bf-82dd-0326288f367a", "id": "CVE-2021-31597", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-31597 affects version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec22b02b-dda2-54ce-9dfd-968208f12463", "id": "CVE-2021-32804", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-32804 is fixed in version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfd3657b-5997-57c6-8c8e-02d92a373f07", "id": "CVE-2021-37713", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37713 is fixed in version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:515dbc4d-1c43-5204-9393-fbf99fbd3b28", "id": "CVE-2022-2421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2421 affects version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7360423-f43e-5e84-9d98-b75e03418ccd", "id": "CVE-2022-41940", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41940 affects version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:535b9a3b-9592-53e0-923a-5b95e87ead49", "id": "CVE-2023-32695", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-32695 affects version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2de5e10-6c29-5129-9ef8-0bec6c97c8ba", "id": "CVE-2024-28863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-28863 is fixed in version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f721522a-8a48-5745-88ad-3bce0fef3dde", "id": "CVE-2024-36751", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-36751 affects version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36e67317-5c89-57da-b0e0-a12349966f63", "id": "CVE-2024-37890", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-37890 affects version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a17d04c-dbd1-54aa-8a56-de6385903b0e", "id": "CVE-2024-38355", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38355 affects version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ad25e9d-eb9b-5a6d-b954-73417ee9fcfb", "id": "CVE-2024-47764", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47764 affects version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:89e7b4a6-34c4-5b02-853e-f567c4b3a304", "id": "CVE-2025-38355", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-38355 is fixed in version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9791575-450e-55d1-bc77-e25849fd241b", "id": "CVE-2026-23745", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-23745 is fixed in version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:426f98ab-b409-5fb2-9925-b00fdbe4fcbb", "id": "CVE-2026-23950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-23950 is fixed in version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:984e668b-33fc-5382-b277-92f5ac3ade33", "id": "CVE-2026-24842", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24842 is fixed in version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21951e95-b753-5e03-ae8d-254dd7c7bc62", "id": "CVE-2026-26960", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-26960 is fixed in version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a052047f-755e-543b-8fc6-030aef995db0", "id": "CVE-2026-29786", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-29786 is fixed in version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84e795e2-5f61-50f1-8c0e-688f4ccd56f7", "id": "CVE-2026-33151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33151 affects version 2.1.1-tuxcare.2 of socket.io." }, "affects": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/socket.io@2.1.1-tuxcare.2" } ] }