{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c57aa941-5ce8-5477-9962-0a1a7fcb6c16", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/lodash@3.2.0-tuxcare.1", "type": "library", "name": "lodash", "version": "3.2.0-tuxcare.1", "purl": "pkg:npm/lodash@3.2.0-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4b57a1e9-07f0-55be-b39c-a458f07ede60", "id": "CVE-2016-10735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-10735 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6355472d-b5cf-5ec9-86b5-82d8f2e642a1", "id": "CVE-2018-14040", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-14040 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a4903f7-932e-5999-b39e-98dea2d07c54", "id": "CVE-2018-14042", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-14042 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:776f5074-2eff-56af-bfe0-f8b97ba21ae3", "id": "CVE-2018-16487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-16487 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13eda895-8ab4-5442-92e0-1eed018aa796", "id": "CVE-2018-20676", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-20676 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a685febe-d9ab-5e98-b5cc-362478bee478", "id": "CVE-2018-20677", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-20677 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be2521c6-c5fb-5389-af0d-4c5b6fa31bc6", "id": "CVE-2018-3721", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-3721 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f01c94df-1fde-5850-9ee0-4e9d19cd843b", "id": "CVE-2019-10744", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10744 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd3dc3b1-9c72-5ca6-afe5-9450d8b4332f", "id": "CVE-2019-14862", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-14862 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19f5b943-060e-5127-b78e-144692cede3c", "id": "CVE-2019-8331", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-8331 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20cf010d-0dd3-52c3-a599-09db1abfdc4f", "id": "CVE-2020-36049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-36049 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36c3d5d0-dcd8-53db-adca-1f2732f491d0", "id": "CVE-2020-8203", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-8203 affects version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68456f32-e548-5569-9c73-651d3624b1ca", "id": "CVE-2021-23337", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-23337 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3c30dbc-64e9-50bc-835d-ace0e12d1781", "id": "CVE-2022-2421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-2421 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5fead2fc-71a6-59ab-b75b-b9fe2cef0ddf", "id": "CVE-2023-32695", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-32695 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2576bdde-f4df-5645-b1fe-17822152cbef", "id": "CVE-2024-6484", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6484 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4500598d-296b-55c8-93d6-d97bdb1df3f7", "id": "CVE-2024-6485", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6485 is fixed in version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f71cb42-8d90-5da5-8115-f9069651476f", "id": "CVE-2025-13465", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-13465 affects version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9fdf8c50-3dc7-5461-a8dd-218c8ff74ecd", "id": "CVE-2026-2950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2950 affects version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3568259-e795-52cf-aa26-5a640d64f144", "id": "CVE-2026-4800", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-4800 affects version 3.2.0-tuxcare.1 of lodash." }, "affects": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/lodash@3.2.0-tuxcare.1" } ] }