{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:97f09a3f-8538-5fec-b2f3-0408d9691e74",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:npm/express@4.17.1",
      "type": "library",
      "name": "express",
      "version": "4.17.1",
      "purl": "pkg:npm/express@4.17.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:4fb4e0b7-90af-5f34-8d5d-c84035e8401e",
      "id": "CVE-2022-24999",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2022-24999 affects version 4.17.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@4.17.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3a2ed75c-14d7-5c2e-880b-3187ce57dc61",
      "id": "CVE-2024-29041",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-29041 affects version 4.17.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@4.17.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:acbbeaaf-726e-55e4-8c86-b6f719afd189",
      "id": "CVE-2024-43796",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-43796 affects version 4.17.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@4.17.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:cfd67ab9-13fc-501b-ba8c-999400cecdcc",
      "id": "CVE-2024-43799",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-43799 affects version 4.17.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@4.17.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8a24f634-52d7-56e4-990d-37cdfe03eb85",
      "id": "CVE-2024-43800",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-43800 affects version 4.17.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@4.17.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a64e3c59-52d6-5481-b1ba-11474502a03f",
      "id": "CVE-2024-45590",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-45590 affects version 4.17.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@4.17.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:462c1f4a-26c7-5c35-83a3-779332c03f34",
      "id": "CVE-2024-47764",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-47764 affects version 4.17.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@4.17.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1b1c4252-276c-5998-8a4d-8a6a4865aa9b",
      "id": "CVE-2025-15284",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-15284 affects version 4.17.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@4.17.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a780076c-befb-5187-9e22-2bd6d0a2a9ff",
      "id": "CVE-2026-2391",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-2391 affects version 4.17.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@4.17.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:npm/express@4.17.1"
    }
  ]
}