anything-llm/docker/vex/CVE-2019-10790.vex.json

{
  "@context": "https://openvex.dev/ns/v0.2.0",
  "@id": "https://openvex.dev/docs/public/vex-6750d79bb005487e11d10f81d0b3ac92c47e6e259292c6b2d02558f9f4bca52d",
  "author": "tim@mintplexlabs.com",
  "timestamp": "2024-07-22T13:49:12.883675-07:00",
  "version": 1,
  "statements": [
    {
      "vulnerability": {
        "name": "CVE-2019-10790"
      },
      "timestamp": "2024-07-22T13:49:12.883678-07:00",
      "products": [
        {
          "@id": "pkg:docker/mintplexlabs/anythingllm@render",
          "subcomponents": [
            {
              "@id": "pkg:npm/taffydb@2.6.2"
            }
          ]
        },
        {
          "@id": "pkg:docker/mintplexlabs/anythingllm@railway",
          "subcomponents": [
            {
              "@id": "pkg:npm/taffydb@2.6.2"
            }
          ]
        },
        {
          "@id": "pkg:docker/mintplexlabs/anythingllm@latest",
          "subcomponents": [
            {
              "@id": "pkg:npm/taffydb@2.6.2"
            }
          ]
        },
        {
          "@id": "pkg:docker/mintplexlabs/anythingllm@master",
          "subcomponents": [
            {
              "@id": "pkg:npm/taffydb@2.6.2"
            }
          ]
        }
      ],
      "status": "not_affected",
      "justification": "vulnerable_code_cannot_be_controlled_by_adversary"
    }
  ]
}