{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fc702d67-1bdd-553d-9f5a-ca626e89be00", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/ini@1.3.5-tuxcare.1", "type": "library", "name": "ini", "version": "1.3.5-tuxcare.1", "purl": "pkg:npm/ini@1.3.5-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cd7b8865-daf4-58ee-bee7-ceaca1218097", "id": "CVE-2015-8857", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-8857 is fixed in version 1.3.5-tuxcare.1 of ini." }, "affects": [ { "ref": "pkg:npm/ini@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1bd249a0-a982-5e13-96c0-b5497fc54ea0", "id": "CVE-2015-8858", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-8858 is fixed in version 1.3.5-tuxcare.1 of ini." }, "affects": [ { "ref": "pkg:npm/ini@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b6befec-c4d5-5f03-affa-514926ba4edb", "id": "CVE-2020-7788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7788 affects version 1.3.5-tuxcare.1 of ini." }, "affects": [ { "ref": "pkg:npm/ini@1.3.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3c2e328-cd94-5cd8-a1de-ade00e67ea90", "id": "CVE-2020-7788_fix", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-7788_fix is fixed in version 1.3.5-tuxcare.1 of ini." }, "affects": [ { "ref": "pkg:npm/ini@1.3.5-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/ini@1.3.5-tuxcare.1" } ] }