{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f0447813-8a0a-5b2a-8663-71992a4de38a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/astrojs-telemetry@5.18.1", "type": "library", "name": "astrojs-telemetry", "version": "5.18.1", "purl": "pkg:npm/astrojs-telemetry@5.18.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4c6dad08-1ed2-5cee-b3d8-baabdd8ff670", "id": "CVE-2025-55303", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55303 affects version 5.18.1 of astrojs-telemetry." }, "affects": [ { "ref": "pkg:npm/astrojs-telemetry@5.18.1" } ] }, { "bom-ref": "urn:uuid:a5a19159-d6c7-54ff-af72-c9ce5461a55c", "id": "CVE-2025-58752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58752 affects version 5.18.1 of astrojs-telemetry." }, "affects": [ { "ref": "pkg:npm/astrojs-telemetry@5.18.1" } ] }, { "bom-ref": "urn:uuid:19c8e06d-d234-517d-b528-2b9d6b89fae8", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 5.18.1 of astrojs-telemetry." }, "affects": [ { "ref": "pkg:npm/astrojs-telemetry@5.18.1" } ] }, { "bom-ref": "urn:uuid:216068ab-2c5f-5859-acf0-7f667cb490a8", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 5.18.1 of astrojs-telemetry." }, "affects": [ { "ref": "pkg:npm/astrojs-telemetry@5.18.1" } ] }, { "bom-ref": "urn:uuid:55a7c1f2-1d01-59d6-a7c7-eaa316f1dd18", "id": "CVE-2026-45028", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45028 affects version 5.18.1 of astrojs-telemetry." }, "affects": [ { "ref": "pkg:npm/astrojs-telemetry@5.18.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/astrojs-telemetry@5.18.1" } ] }