{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0e212fa1-c15a-5493-84ec-02547dd400e3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/next@12.3.4", "type": "library", "name": "next", "version": "12.3.4", "purl": "pkg:npm/next@12.3.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e1aab68e-f6f3-586f-86ed-a4e2e8002e29", "id": "CVE-2023-26136", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26136 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:52a1bff2-21df-56b4-be8e-9ec845d509b0", "id": "CVE-2023-28155", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-28155 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:9e1be0ea-03cb-5e5e-8358-cd75958d8d12", "id": "CVE-2023-44270", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44270 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:d4b7d92a-f021-5ffc-86c1-fd96f8a3c688", "id": "CVE-2023-46298", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46298 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:b3986728-08ec-5e8f-9776-7cd5900706b9", "id": "CVE-2024-47831", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47831 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:0fade061-2852-5186-854d-616aabcdd7f2", "id": "CVE-2024-51479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-51479 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:33f99140-3d18-5258-af0e-e360ea4fe010", "id": "CVE-2025-15284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-15284 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:11261cc6-24b0-51c8-b772-28ee3fdbb982", "id": "CVE-2025-29927", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-29927 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:817939ca-1ee8-50b5-a57e-60478bc8bd0b", "id": "CVE-2025-32421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-32421 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:c6e5da0c-f762-55a0-8563-fff479d8e810", "id": "CVE-2025-55173", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55173 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:77c9467a-4d1a-56b5-843d-d6806497b989", "id": "CVE-2025-57752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57752 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:e7adcbbd-4065-5285-bcb6-86d9cdca4fae", "id": "CVE-2025-57822", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57822 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:bad234f3-fa81-50c9-bb66-72f3b377ce27", "id": "CVE-2025-59471", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59471 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:2ba63964-7ef6-57c2-8437-b6a3d2624add", "id": "CVE-2025-59472", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59472 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:d97cd88a-a313-52a5-aa2f-64ec9408f9ae", "id": "CVE-2025-7783", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-7783 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:875ba338-7db0-5318-a7b6-832b5731a360", "id": "CVE-2026-23745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23745 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:14c97cf2-4587-543f-8e4c-68aa763af30f", "id": "CVE-2026-2391", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2391 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:730ac2c4-4385-549d-b14e-e9e8f4aac765", "id": "CVE-2026-23950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23950 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:6710577e-23a4-5cc5-8d0d-d38182e8c65d", "id": "CVE-2026-24842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24842 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:15655778-febd-5674-b973-cec00304ad83", "id": "CVE-2026-26960", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-26960 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:b742e1b7-16d2-566a-b2ef-2f4419274e5c", "id": "CVE-2026-26996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-26996 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:db452fe1-add7-56ae-858f-507d2ec2152c", "id": "CVE-2026-27903", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27903 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:8cbc6ab6-4e70-58b8-a94e-de591f43b762", "id": "CVE-2026-27904", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27904 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:646829b3-bb41-5716-a56b-3901066acee1", "id": "CVE-2026-27980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27980 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:422a7599-80ef-5aec-a26e-7aa9c0fd2847", "id": "CVE-2026-29057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29057 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:7c811a07-40bc-58c4-9cb6-1a6db7cccb58", "id": "CVE-2026-29786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29786 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:24a88fc6-1a8d-5c25-8d4e-5ae08d6a5f5f", "id": "CVE-2026-31802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-31802 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:45961a13-eb89-529b-8635-6a0850b68eac", "id": "CVE-2026-3449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3449 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:6c0ad792-8176-5712-953c-0768c1c2029e", "id": "CVE-2026-41305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41305 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:e3ef0f92-7b58-5883-94ef-9c061bbd33ae", "id": "CVE-2026-44572", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44572 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:4e251f9f-44d4-58b7-90a6-1a7aa0051d06", "id": "CVE-2026-44573", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44573 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:6adb1a5b-085f-53d1-bfc5-2034f7a856a7", "id": "CVE-2026-44577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44577 affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] }, { "bom-ref": "urn:uuid:a957a45a-1604-529e-8a6a-08774d9843c6", "id": "GHSA-w5hq-g745-h8pq", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-w5hq-g745-h8pq affects version 12.3.4 of next." }, "affects": [ { "ref": "pkg:npm/next@12.3.4" } ] } ], "dependencies": [ { "ref": "pkg:npm/next@12.3.4" } ] }