{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ddd525dc-3c55-5097-a5b5-17a258b4b425", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/axios@0.24.0", "type": "library", "name": "axios", "version": "0.24.0", "purl": "pkg:npm/axios@0.24.0" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6c3e81bb-2371-59e9-aa7e-0b5aca1194d9", "id": "CVE-2023-45857", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-45857 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:1cfd0152-6684-57ef-bd06-73610c8fca1b", "id": "CVE-2024-39338", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-39338 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:bc08bc3b-0141-59e0-af54-4a1ce0f89def", "id": "CVE-2025-27152", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27152 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:faa29c08-4d8a-5d00-8996-9fe43fd46168", "id": "CVE-2025-62718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-62718 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:88edd5bf-9fcc-5985-8bf2-9a856a81cd03", "id": "CVE-2026-25639", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-25639 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:230bcf28-a0ea-5dc7-a99a-93f6d647bc12", "id": "CVE-2026-40175", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40175 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:821c939b-e576-5fb6-bcfa-966024c92651", "id": "CVE-2026-42033", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42033 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:6365cd72-54ba-50fd-af50-02fd5218c613", "id": "CVE-2026-42034", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42034 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:5a2917bd-7095-5cb7-bb65-cd8de6de81f6", "id": "CVE-2026-42035", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42035 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:c314e05b-a877-5490-87e6-20bdf2432972", "id": "CVE-2026-42036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42036 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:2e649e7b-380b-53ce-84c6-94b0b9178511", "id": "CVE-2026-42038", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42038 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:85def9fe-3954-5798-9b94-9c8844c3fe0d", "id": "CVE-2026-42039", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42039 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:e568c448-2e2b-5885-a4be-92aa40224986", "id": "CVE-2026-42040", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42040 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:2d7f47f0-9f4c-5802-8fe6-93015f4af113", "id": "CVE-2026-42041", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42041 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:bd0de389-9292-5cd1-9133-2dc612f026e1", "id": "CVE-2026-42042", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42042 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:42d2f0bf-5465-5c02-93cb-231178157a4d", "id": "CVE-2026-42043", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42043 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:74ae9de2-e858-5beb-83f1-2f0925416dbb", "id": "CVE-2026-44486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44486 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:d933847e-7a04-569c-b9bb-b13fc1c42b2d", "id": "CVE-2026-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44487 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:a64d8129-7a9d-54d0-9715-4e598db32d84", "id": "CVE-2026-44490", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44490 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:b99c2caa-1400-54aa-a34e-db285fe3b61e", "id": "CVE-2026-44492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44492 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:3e2084a1-21d3-515a-8c9b-70a7ef843ce2", "id": "CVE-2026-44495", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44495 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] }, { "bom-ref": "urn:uuid:35aa9ef6-97df-5601-bdd7-16771458c375", "id": "CVE-2026-44496", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44496 affects version 0.24.0 of axios." }, "affects": [ { "ref": "pkg:npm/axios@0.24.0" } ] } ], "dependencies": [ { "ref": "pkg:npm/axios@0.24.0" } ] }