{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7ff65502-88c6-5920-8e9a-f42e031145e4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/loopback@2.42.0", "type": "library", "name": "loopback", "version": "2.42.0", "purl": "pkg:npm/loopback@2.42.0" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:aa6232d4-5678-509f-b475-72ef1dbf0098", "id": "CVE-2020-7769", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7769 affects version 2.42.0 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }, { "bom-ref": "urn:uuid:971d5597-98f9-5d3e-ace7-48b51ff14253", "id": "CVE-2021-23358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23358 affects version 2.42.0 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }, { "bom-ref": "urn:uuid:09fbc060-94bf-516b-8843-b1c84bfedcd6", "id": "CVE-2021-23400", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23400 affects version 2.42.0 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }, { "bom-ref": "urn:uuid:93c3c741-d120-5765-8d2f-a8bfd933c347", "id": "CVE-2022-29078", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29078 affects version 2.42.0 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }, { "bom-ref": "urn:uuid:f17a5576-cb0e-5823-8d15-f5b94d848256", "id": "CVE-2024-29415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29415 affects version 2.42.0 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }, { "bom-ref": "urn:uuid:973072d2-19ea-5623-ada1-68d1c510b6eb", "id": "CVE-2024-33883", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-33883 affects version 2.42.0 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }, { "bom-ref": "urn:uuid:bbc39641-8abd-5067-9134-ab5d317b3253", "id": "CVE-2025-13033", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-13033 affects version 2.42.0 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }, { "bom-ref": "urn:uuid:92aefa9b-c27b-56d6-9656-770acd9fbceb", "id": "CVE-2025-14874", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-14874 affects version 2.42.0 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }, { "bom-ref": "urn:uuid:bc22efa4-5d88-5fda-8ef6-a5fda225f579", "id": "CVE-2026-27601", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27601 affects version 2.42.0 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }, { "bom-ref": "urn:uuid:1e1a18bb-7aac-5ea5-865d-881bed2c903f", "id": "GHSA-724c-6vrf-99rq", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-724c-6vrf-99rq affects version 2.42.0 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }, { "bom-ref": "urn:uuid:d5903b63-e1f0-5c9b-86e3-351b1697eb77", "id": "GHSA-8wgc-jjvv-cv6v", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-8wgc-jjvv-cv6v affects version 2.42.0 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }, { "bom-ref": "urn:uuid:7bdd9fbd-71a8-525b-b0cd-6235409d1435", "id": "GHSA-9h6g-pr28-7cqp", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-9h6g-pr28-7cqp affects version 2.42.0 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }, { "bom-ref": "urn:uuid:6d60fd2b-9217-5fb3-9e8e-8a1a7ee00234", "id": "GHSA-c7w3-x93f-qmm8", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-c7w3-x93f-qmm8 affects version 2.42.0 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }, { "bom-ref": "urn:uuid:85e018cf-5531-530d-962e-5240c0037338", "id": "GHSA-jj37-3377-m6vv", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-jj37-3377-m6vv is a false positive for loopback 2.42.0." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }, { "bom-ref": "urn:uuid:04022115-8477-52cf-b51c-e49f6a5e3c3e", "id": "GHSA-mm7p-fcc7-pg87", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-mm7p-fcc7-pg87 affects version 2.42.0 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }, { "bom-ref": "urn:uuid:5896c2e2-39e4-5889-9efb-f659ba7b7735", "id": "GHSA-vvjj-xcjg-gr5g", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-vvjj-xcjg-gr5g affects version 2.42.0 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0" } ] } ], "dependencies": [ { "ref": "pkg:npm/loopback@2.42.0" } ] }