{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:fccef359-a6c3-53ba-ab9b-4bfabd14b5a7",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:npm/loopback@3.28.0",
      "type": "library",
      "name": "loopback",
      "version": "3.28.0",
      "purl": "pkg:npm/loopback@3.28.0"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:2b0ad25b-55f3-5012-90bb-830423a47aed",
      "id": "CVE-2021-23358",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-23358 affects version 3.28.0 of loopback."
      },
      "affects": [
        {
          "ref": "pkg:npm/loopback@3.28.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7b9d97ea-2b3f-5fee-b6ad-121a4f2879db",
      "id": "CVE-2022-29078",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2022-29078 affects version 3.28.0 of loopback."
      },
      "affects": [
        {
          "ref": "pkg:npm/loopback@3.28.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:37e70a9c-aef4-5b90-b809-76f109cf8a5b",
      "id": "CVE-2024-33883",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-33883 affects version 3.28.0 of loopback."
      },
      "affects": [
        {
          "ref": "pkg:npm/loopback@3.28.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ea74cbc4-267a-5992-adb1-ad59ce019952",
      "id": "CVE-2025-13033",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-13033 affects version 3.28.0 of loopback."
      },
      "affects": [
        {
          "ref": "pkg:npm/loopback@3.28.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d0826f35-fef4-5e1c-8b37-8fa957ae519c",
      "id": "CVE-2025-14874",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-14874 affects version 3.28.0 of loopback."
      },
      "affects": [
        {
          "ref": "pkg:npm/loopback@3.28.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8bc9d1d2-17be-51a2-b9b1-0eb1cc761929",
      "id": "CVE-2025-5889",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-5889 affects version 3.28.0 of loopback."
      },
      "affects": [
        {
          "ref": "pkg:npm/loopback@3.28.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:aec9fb8e-e6f4-50e1-abdb-6e7c18f857cb",
      "id": "CVE-2026-26996",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-26996 affects version 3.28.0 of loopback."
      },
      "affects": [
        {
          "ref": "pkg:npm/loopback@3.28.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:dca762d9-a731-59c9-813a-1041ea8abfec",
      "id": "CVE-2026-27601",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-27601 affects version 3.28.0 of loopback."
      },
      "affects": [
        {
          "ref": "pkg:npm/loopback@3.28.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b73e64f9-7cd6-56a7-86cf-fba9ecb8b22e",
      "id": "CVE-2026-33750",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-33750 affects version 3.28.0 of loopback."
      },
      "affects": [
        {
          "ref": "pkg:npm/loopback@3.28.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7985dc63-6503-5e9b-b2b8-91f73a04aea6",
      "id": "CVE-2026-41907",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-41907 affects version 3.28.0 of loopback."
      },
      "affects": [
        {
          "ref": "pkg:npm/loopback@3.28.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b5b16471-2bbe-5ff1-8dd2-a4fe6d6f7129",
      "id": "GHSA-c7w3-x93f-qmm8",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-c7w3-x93f-qmm8 affects version 3.28.0 of loopback."
      },
      "affects": [
        {
          "ref": "pkg:npm/loopback@3.28.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:69fcc198-3027-5a2d-8217-ab8f7fdb8514",
      "id": "GHSA-jj37-3377-m6vv",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability GHSA-jj37-3377-m6vv is a false positive for loopback 3.28.0."
      },
      "affects": [
        {
          "ref": "pkg:npm/loopback@3.28.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:dedfc7c5-d6f2-5154-ba09-f0b14d5b6dd2",
      "id": "GHSA-mm7p-fcc7-pg87",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-mm7p-fcc7-pg87 affects version 3.28.0 of loopback."
      },
      "affects": [
        {
          "ref": "pkg:npm/loopback@3.28.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:18eac0d2-21bd-5ae3-ac94-06113e7507e0",
      "id": "GHSA-vvjj-xcjg-gr5g",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-vvjj-xcjg-gr5g affects version 3.28.0 of loopback."
      },
      "affects": [
        {
          "ref": "pkg:npm/loopback@3.28.0"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b45361aa-e9fa-5ec9-92e8-890622dc21f0",
      "id": "GHSA-w5hq-g745-h8pq",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-w5hq-g745-h8pq affects version 3.28.0 of loopback."
      },
      "affects": [
        {
          "ref": "pkg:npm/loopback@3.28.0"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:npm/loopback@3.28.0"
    }
  ]
}