{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:9a39e6b0-b446-5521-abe3-dc4d5c55e0af",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:npm/connect@2.6.0",
      "type": "library",
      "name": "connect",
      "version": "2.6.0",
      "purl": "pkg:npm/connect@2.6.0"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:e1516de6-5ef8-5966-90cf-1826ef7a715a",
      "id": "CVE-2014-10064",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2014-10064 affects version 2.6.0 of connect."
      },
      "affects": [
        {
          "ref": "pkg:npm/connect@2.6.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:56651c61-31fb-5da9-ba15-0b4ac13c0e52",
      "id": "CVE-2015-8859",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2015-8859 affects version 2.6.0 of connect."
      },
      "affects": [
        {
          "ref": "pkg:npm/connect@2.6.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e95ff234-135c-5fa2-a47d-33938c1e4333",
      "id": "CVE-2017-1000048",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2017-1000048 affects version 2.6.0 of connect."
      },
      "affects": [
        {
          "ref": "pkg:npm/connect@2.6.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2adf104f-87c2-5895-a80c-8e0758c5e250",
      "id": "CVE-2017-16119",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2017-16119 affects version 2.6.0 of connect."
      },
      "affects": [
        {
          "ref": "pkg:npm/connect@2.6.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f4befaad-f822-5c67-af46-e01ca0626a44",
      "id": "CVE-2017-16138",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2017-16138 affects version 2.6.0 of connect."
      },
      "affects": [
        {
          "ref": "pkg:npm/connect@2.6.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f82fe6f4-a933-570d-b425-1ea217058172",
      "id": "CVE-2024-43799",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-43799 affects version 2.6.0 of connect."
      },
      "affects": [
        {
          "ref": "pkg:npm/connect@2.6.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5ba6c10e-e370-56cd-a9ba-60cb4f26abe7",
      "id": "CVE-2024-47764",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-47764 affects version 2.6.0 of connect."
      },
      "affects": [
        {
          "ref": "pkg:npm/connect@2.6.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:40dffbed-db1a-5f64-87f9-f85ead9a6da4",
      "id": "CVE-2025-15284",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-15284 affects version 2.6.0 of connect."
      },
      "affects": [
        {
          "ref": "pkg:npm/connect@2.6.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f50bd85d-acf8-5a48-8bd3-82ea98b51e4e",
      "id": "CVE-2026-2391",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-2391 affects version 2.6.0 of connect."
      },
      "affects": [
        {
          "ref": "pkg:npm/connect@2.6.0"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:npm/connect@2.6.0"
    }
  ]
}