{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:aa764c18-7ff7-52a1-878c-87a68b8d7568", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/create-astro@5.18.1", "type": "library", "name": "create-astro", "version": "5.18.1", "purl": "pkg:npm/create-astro@5.18.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:eca1dd96-83b9-5111-84ec-dfc0716cb141", "id": "CVE-2025-55303", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55303 affects version 5.18.1 of create-astro." }, "affects": [ { "ref": "pkg:npm/create-astro@5.18.1" } ] }, { "bom-ref": "urn:uuid:f387d7bc-24b7-5e47-8659-8f6fe88e1ab7", "id": "CVE-2025-58752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58752 affects version 5.18.1 of create-astro." }, "affects": [ { "ref": "pkg:npm/create-astro@5.18.1" } ] }, { "bom-ref": "urn:uuid:5f46b21e-d299-518e-ad48-1c725571ef5f", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 5.18.1 of create-astro." }, "affects": [ { "ref": "pkg:npm/create-astro@5.18.1" } ] }, { "bom-ref": "urn:uuid:c397b048-32a8-5e73-ae71-b21cf1d7ac0e", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 5.18.1 of create-astro." }, "affects": [ { "ref": "pkg:npm/create-astro@5.18.1" } ] }, { "bom-ref": "urn:uuid:35384956-fcf4-56e8-9872-d0110c4ed865", "id": "CVE-2026-45028", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45028 affects version 5.18.1 of create-astro." }, "affects": [ { "ref": "pkg:npm/create-astro@5.18.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/create-astro@5.18.1" } ] }