{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a858bbb3-5d3d-540f-95cd-8f00a6437fe1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/next@14.2.35", "type": "library", "name": "next", "version": "14.2.35", "purl": "pkg:npm/next@14.2.35" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:415ad6d4-b8a6-564e-a7d3-7c1e9079ba4b", "id": "CVE-2025-55173", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55173 affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:258852d6-da25-59bc-bf23-5a5dd2d6bec1", "id": "CVE-2025-57752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57752 affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:9deab2d9-c4a4-5636-b64a-4a464b7f6975", "id": "CVE-2025-59471", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59471 affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:2cf26ee3-3a01-52df-8ad6-0d1a88aef692", "id": "CVE-2025-59472", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59472 affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:d4bda284-3170-541b-9976-f0f2d8fc020e", "id": "CVE-2025-64756", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-64756 affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:cc8ea600-e5a7-5294-8c33-5cd296ee8371", "id": "CVE-2026-41305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41305 affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:3fb65c04-7667-5828-a399-78b4062e2477", "id": "CVE-2026-44572", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44572 affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:0f704227-1412-5db8-b018-7d9cbbc5330d", "id": "CVE-2026-44573", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44573 affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:6e3d457e-6f47-50d5-b46a-3565bb3a95f3", "id": "CVE-2026-44576", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44576 affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:4096303b-e1c3-5501-90d0-fc18e3f5ff47", "id": "CVE-2026-44577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44577 affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:16f9e7ff-dcae-5006-9a5c-294723367a53", "id": "CVE-2026-44578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44578 affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:c9850838-bd49-5102-a0b1-96826fa3fbd2", "id": "CVE-2026-44580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44580 affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:7126ec3b-a279-506b-9e3a-03a7e9a5848a", "id": "CVE-2026-44581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44581 affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:ff280f4e-b340-5549-a686-fd9715d68d42", "id": "CVE-2026-44582", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44582 affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:e09b5724-492d-5aa6-b762-d27bac0e964f", "id": "GHSA-8h8q-6873-q5fj", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-8h8q-6873-q5fj affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:f930c0cb-09e6-5000-ae34-9622d43c1a3a", "id": "GHSA-h25m-26qc-wcjf", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-h25m-26qc-wcjf affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] }, { "bom-ref": "urn:uuid:30072415-0002-5c4f-b4ae-4e0f7917bf5a", "id": "GHSA-q4gf-8mx6-v5v3", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-q4gf-8mx6-v5v3 affects version 14.2.35 of next." }, "affects": [ { "ref": "pkg:npm/next@14.2.35" } ] } ], "dependencies": [ { "ref": "pkg:npm/next@14.2.35" } ] }