{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2a8a0e87-9e3e-5d68-8a0a-d85260959c72", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.2", "type": "library", "name": "astrojs-upgrade", "version": "5.18.1-tuxcare.2", "purl": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a6fa1018-81fb-5e3f-b99c-1e19ce60fe7a", "id": "CVE-2025-55303", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55303 affects version 5.18.1-tuxcare.2 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1f5cc2e-e038-52dd-a480-49792f499bc9", "id": "CVE-2025-58751", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58751 is fixed in version 5.18.1-tuxcare.2 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e716f14d-90d2-5917-9d0b-e151ac8d23c1", "id": "CVE-2025-58752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58752 affects version 5.18.1-tuxcare.2 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0244a9de-8fb1-54ee-9a45-7c8a5bf73ef8", "id": "CVE-2025-62522", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-62522 affects version 5.18.1-tuxcare.2 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db06d905-686e-5450-a886-721bc7659725", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 5.18.1-tuxcare.2 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef77a5f1-0b1b-5192-bbef-cfb929683068", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 5.18.1-tuxcare.2 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e225d966-16df-5f48-8459-4546e83b15cb", "id": "CVE-2026-39365", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-39365 is fixed in version 5.18.1-tuxcare.2 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:feb3db92-13be-5ea9-a082-f93c68f865fe", "id": "CVE-2026-41067", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-41067 is fixed in version 5.18.1-tuxcare.2 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08103716-818a-5bbe-91de-c4c13872ed86", "id": "CVE-2026-45028", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45028 affects version 5.18.1-tuxcare.2 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.2" } ] }