{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7e6877b8-285d-56a8-b5bc-3e6317080d16", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/express@3.21.2-tuxcare.4", "type": "library", "name": "express", "version": "3.21.2-tuxcare.4", "purl": "pkg:npm/express@3.21.2-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e27c630a-4e29-520c-b492-70ef57929c37", "id": "CVE-2016-10539", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-10539 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6cefb237-f7b7-5c90-b84b-5946d8cffe52", "id": "CVE-2017-1000048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-1000048 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:864b3120-c1e4-5a3a-99a1-097d4e4924b6", "id": "CVE-2017-16119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16119 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:619fa506-2b65-5c89-b604-46ed32f3fe87", "id": "CVE-2017-16137", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16137 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df5c0beb-1504-5fd9-8a8e-1c53bbd883dd", "id": "CVE-2017-20162", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-20162 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cae8f5b4-35bf-5990-a2d4-e9ef99458d80", "id": "CVE-2017-20165", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-20165 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d0c1b59c-92b3-59e9-8dff-f8b0f82eb762", "id": "CVE-2019-5413", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-5413 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9c60e92a-93ae-5e7f-9372-8be5ec848d6d", "id": "CVE-2020-7598", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7598 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d59608c7-bf57-5de8-b927-ef98b8fea980", "id": "CVE-2021-44906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44906 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d417b218-ee7c-5010-833c-9f7f18411c82", "id": "CVE-2022-24999", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24999 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d8ac2a3e-42cf-544f-858d-03c4ae09fcde", "id": "CVE-2024-10491", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-10491 is fixed in version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:40a4ebc6-a279-522d-a663-0bb818177a15", "id": "CVE-2024-29041", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29041 is fixed in version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eeba6676-0f10-5b09-9cbb-e4f52eba7048", "id": "CVE-2024-43796", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-43796 is fixed in version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:41c01dee-7a0b-5821-9b7e-e6e262dfbcde", "id": "CVE-2024-43799", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-43799 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e774ca12-0278-5687-9c10-3d1edbea9878", "id": "CVE-2024-43800", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-43800 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:681bb59c-6a18-5a1a-a2bf-bc86945d4a02", "id": "CVE-2024-45590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45590 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eb2dec5b-d0af-54a7-8f92-d4a0447364a0", "id": "CVE-2024-47178", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47178 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe37646d-12b0-5bd6-866f-c5287be39833", "id": "CVE-2024-47764", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47764 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b20e3685-0a31-5dda-8313-e3b37e861bc4", "id": "CVE-2024-9266", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9266 is fixed in version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aa069348-5083-5677-bb38-a486498d315d", "id": "CVE-2025-15284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-15284 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:68032055-2e29-5073-8b6c-abcd0b5de257", "id": "CVE-2025-7339", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-7339 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d203fecb-0abb-5b15-95d3-49592a543202", "id": "CVE-2026-2391", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2391 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:19053444-f1fd-5e62-b0c1-3ff252cceab9", "id": "CVE-2026-8159", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-8159 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c089ee1-f881-55b4-be5f-702984fd4a34", "id": "CVE-2026-8161", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-8161 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:320a092d-3c11-52aa-a7a0-e4d73202cde9", "id": "CVE-2026-8162", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-8162 affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f26aad60-a624-51ea-9fea-9635e3d88449", "id": "GHSA-7fhm-mqm4-2wp7", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-7fhm-mqm4-2wp7 is a false positive for express 3.21.2-tuxcare.4." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1c5e3596-ed02-563c-bf4a-54e0b9b3a2f9", "id": "GHSA-j4mr-9xw3-c9jx", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-j4mr-9xw3-c9jx affects version 3.21.2-tuxcare.4 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.4" } ] }