{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bf05de15-9385-5a1f-b0e9-557a7fc54617", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.3", "type": "library", "name": "astrojs-upgrade", "version": "5.18.1-tuxcare.3", "purl": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:69558697-5f32-59f8-a34e-430c35c4d88a", "id": "CVE-2025-55303", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55303 affects version 5.18.1-tuxcare.3 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:852417f1-94b1-526b-9388-a5bfdc624086", "id": "CVE-2025-58751", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58751 is fixed in version 5.18.1-tuxcare.3 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad25f5c6-ac28-566c-b751-117ac16c4d4c", "id": "CVE-2025-58752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58752 affects version 5.18.1-tuxcare.3 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4f8f24cb-949c-5070-836e-d4db67ad4dc3", "id": "CVE-2025-62522", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-62522 is fixed in version 5.18.1-tuxcare.3 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dcda9863-3795-50c3-80fd-88cf303f9cfb", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 5.18.1-tuxcare.3 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1497398e-0e71-5554-a90c-54c8f387fd0b", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 5.18.1-tuxcare.3 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ee395aa-9bde-52f6-91d4-02397dc6afac", "id": "CVE-2026-39365", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-39365 is fixed in version 5.18.1-tuxcare.3 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:adec58a3-f4f5-5983-be8a-eea9a4a9301d", "id": "CVE-2026-41067", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-41067 is fixed in version 5.18.1-tuxcare.3 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aaba3945-d7e9-544d-9939-02c53a3feee9", "id": "CVE-2026-45028", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45028 affects version 5.18.1-tuxcare.3 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1-tuxcare.3" } ] }