{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a28f8014-22c1-5186-aa5b-a3b5a2ac6897", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/astro@5.18.1", "type": "library", "name": "astro", "version": "5.18.1", "purl": "pkg:npm/astro@5.18.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9e59eb30-7db6-5315-ad72-35002929a6f7", "id": "CVE-2025-55303", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55303 affects version 5.18.1 of astro." }, "affects": [ { "ref": "pkg:npm/astro@5.18.1" } ] }, { "bom-ref": "urn:uuid:b6f51f77-a18b-58ee-976a-e217258e0594", "id": "CVE-2025-58752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58752 affects version 5.18.1 of astro." }, "affects": [ { "ref": "pkg:npm/astro@5.18.1" } ] }, { "bom-ref": "urn:uuid:51eb59fb-220d-5a27-8cbe-7dc661180d44", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 5.18.1 of astro." }, "affects": [ { "ref": "pkg:npm/astro@5.18.1" } ] }, { "bom-ref": "urn:uuid:cbe3092f-ad15-5098-af2e-23e20dcc63b3", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 5.18.1 of astro." }, "affects": [ { "ref": "pkg:npm/astro@5.18.1" } ] }, { "bom-ref": "urn:uuid:7ea80234-d315-59e1-8c56-6ed13e9c1271", "id": "CVE-2026-45028", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45028 affects version 5.18.1 of astro." }, "affects": [ { "ref": "pkg:npm/astro@5.18.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/astro@5.18.1" } ] }