{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7f11e302-8623-53a3-b6f6-ad5e1ff68351", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/create-vite@2.9.18", "type": "library", "name": "create-vite", "version": "2.9.18", "purl": "pkg:npm/create-vite@2.9.18" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bd98a5a6-1088-5e35-a252-59c0d00e6afa", "id": "CVE-2024-23331", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23331 affects version 2.9.18 of create-vite." }, "affects": [ { "ref": "pkg:npm/create-vite@2.9.18" } ] }, { "bom-ref": "urn:uuid:114b0ccf-40d6-55c6-b852-79a61559873e", "id": "CVE-2024-31207", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31207 affects version 2.9.18 of create-vite." }, "affects": [ { "ref": "pkg:npm/create-vite@2.9.18" } ] }, { "bom-ref": "urn:uuid:f9eb349d-bb11-59cf-8c6a-0b9846bda89a", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 2.9.18 of create-vite." }, "affects": [ { "ref": "pkg:npm/create-vite@2.9.18" } ] }, { "bom-ref": "urn:uuid:803d2432-067b-5c29-8c4c-ec3c72c1d0a0", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 2.9.18 of create-vite." }, "affects": [ { "ref": "pkg:npm/create-vite@2.9.18" } ] }, { "bom-ref": "urn:uuid:bf34175d-49c2-51c6-b1b8-658f7b26dd47", "id": "CVE-2026-39365", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39365 affects version 2.9.18 of create-vite." }, "affects": [ { "ref": "pkg:npm/create-vite@2.9.18" } ] } ], "dependencies": [ { "ref": "pkg:npm/create-vite@2.9.18" } ] }