{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8c0b6325-bf6e-5523-95ff-a0f9eff7f59d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/karma@4.1.0-tuxcare.1", "type": "library", "name": "karma", "version": "4.1.0-tuxcare.1", "purl": "pkg:npm/karma@4.1.0-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:595d0eb4-7516-553d-8aa9-ce9e2372f64f", "id": "CVE-2021-23495", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23495 affects version 4.1.0-tuxcare.1 of karma." }, "affects": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da128d9b-f513-50a2-8cd8-abe5b2152e08", "id": "CVE-2021-23807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23807 affects version 4.1.0-tuxcare.1 of karma." }, "affects": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c9bf5e1-691c-5384-ab32-95205a79753e", "id": "CVE-2022-0437", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0437 affects version 4.1.0-tuxcare.1 of karma." }, "affects": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7fd8db05-9851-58c0-890d-aa96936dc34f", "id": "CVE-2024-37890", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-37890 is fixed in version 4.1.0-tuxcare.1 of karma." }, "affects": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f56cc91e-c6c2-5dc1-befe-84c5ed66eef5", "id": "CVE-2025-64718", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-64718 is fixed in version 4.1.0-tuxcare.1 of karma." }, "affects": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/karma@4.1.0-tuxcare.1" } ] }