{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a37e42d5-4fd3-59a8-8e8c-7bc2c328443f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/astrojs-webapi@1.9.2", "type": "library", "name": "astrojs-webapi", "version": "1.9.2", "purl": "pkg:npm/astrojs-webapi@1.9.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7924dc24-3733-583e-ad1c-6e3143acd198", "id": "CVE-2024-23331", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23331 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }, { "bom-ref": "urn:uuid:1d4ff9b7-e7a5-5e16-90a6-837d4f65e20f", "id": "CVE-2024-31207", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31207 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }, { "bom-ref": "urn:uuid:cec17876-0f45-5461-b51b-c812f4182a0c", "id": "CVE-2024-45811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45811 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }, { "bom-ref": "urn:uuid:3744e0ec-4081-5d6b-955c-be2e5d29a54f", "id": "CVE-2025-24010", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24010 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }, { "bom-ref": "urn:uuid:19ecd7f6-6afa-5a83-9b35-3c75dde9be00", "id": "CVE-2025-30208", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-30208 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }, { "bom-ref": "urn:uuid:7911d6db-873f-5704-b65b-fa5361040075", "id": "CVE-2025-31125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31125 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }, { "bom-ref": "urn:uuid:bd5f8dd0-5480-5ab7-88cd-77cef8b510e7", "id": "CVE-2025-31486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31486 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }, { "bom-ref": "urn:uuid:5ed435c2-12cd-5558-a248-68e1c7ddd13a", "id": "CVE-2025-32395", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-32395 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }, { "bom-ref": "urn:uuid:7afd3a47-20f1-5680-8312-1a01590ec4e4", "id": "CVE-2025-46565", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46565 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }, { "bom-ref": "urn:uuid:edad686a-6518-5dd3-9ecc-adb528dfad0c", "id": "CVE-2025-58751", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58751 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }, { "bom-ref": "urn:uuid:ec1f670d-46ab-548b-9857-57d536efcd07", "id": "CVE-2025-58752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58752 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }, { "bom-ref": "urn:uuid:f8e7ea55-e083-544e-aab3-d26b9a218f0f", "id": "CVE-2025-62522", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-62522 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }, { "bom-ref": "urn:uuid:a2b7a905-81cd-5c53-8150-331e95bb4245", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }, { "bom-ref": "urn:uuid:5fcbcc2c-a939-51b5-821b-898573e8b84f", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }, { "bom-ref": "urn:uuid:e9dac456-ad79-5d4b-89a3-4d1d62fb5ec6", "id": "CVE-2026-39365", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39365 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }, { "bom-ref": "urn:uuid:8df00066-e280-5c61-ad91-9e6ceded857e", "id": "CVE-2026-45028", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45028 affects version 1.9.2 of astrojs-webapi." }, "affects": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/astrojs-webapi@1.9.2" } ] }