{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a233bd45-b58b-54a9-b423-f1165b88fdad", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.1", "type": "library", "name": "astrojs-upgrade", "version": "5.18.1-tuxcare.1", "purl": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dce429e0-6276-5979-b64d-8b4f54731fbd", "id": "CVE-2025-55303", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55303 affects version 5.18.1-tuxcare.1 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1f363c9-9ce4-501e-a482-81fa19e8c60d", "id": "CVE-2025-58751", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58751 affects version 5.18.1-tuxcare.1 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b58cefdd-c33d-545f-8c64-26d7b4846a08", "id": "CVE-2025-58752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58752 affects version 5.18.1-tuxcare.1 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f7f574c-0763-5c45-ba9a-acbaaf2bdb72", "id": "CVE-2025-62522", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-62522 affects version 5.18.1-tuxcare.1 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1f3ad58-c1f7-5ca7-b124-91b59c355322", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 5.18.1-tuxcare.1 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f29d810f-d007-5dde-b51c-41d1e9eaf6e4", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 5.18.1-tuxcare.1 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87a919ff-32d8-5764-bda9-4325de16d215", "id": "CVE-2026-39365", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39365 affects version 5.18.1-tuxcare.1 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a609ff26-a796-59be-bf25-63012d462c34", "id": "CVE-2026-41067", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41067 affects version 5.18.1-tuxcare.1 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59b9be1b-2d67-5d7a-a163-d93cfb653ef8", "id": "CVE-2026-45028", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45028 affects version 5.18.1-tuxcare.1 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.1" } ] }