{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4f3cb0f4-b3c0-584d-ae24-e8e0345c908a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/astrojs-upgrade@5.18.1", "type": "library", "name": "astrojs-upgrade", "version": "5.18.1", "purl": "pkg:npm/astrojs-upgrade@5.18.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:46208a0d-df24-5e67-b721-6eb34dfc57f6", "id": "CVE-2025-55303", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55303 affects version 5.18.1 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1" } ] }, { "bom-ref": "urn:uuid:075bf338-ec02-5bdf-a54b-6a01bb8684f0", "id": "CVE-2025-58752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58752 affects version 5.18.1 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1" } ] }, { "bom-ref": "urn:uuid:e18e8db4-1d4c-5f57-b4a5-cab5e60d4402", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 5.18.1 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1" } ] }, { "bom-ref": "urn:uuid:52ea491f-68b0-5127-aeb9-0734c0238879", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 5.18.1 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1" } ] }, { "bom-ref": "urn:uuid:71369dac-c761-5347-a51a-3f146dd777c3", "id": "CVE-2026-45028", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45028 affects version 5.18.1 of astrojs-upgrade." }, "affects": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/astrojs-upgrade@5.18.1" } ] }