{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f3f183ec-a602-5201-a444-9abdc5056837", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/next@2.4.9", "type": "library", "name": "next", "version": "2.4.9", "purl": "pkg:npm/next@2.4.9" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:20ff6566-7736-5be8-8dc0-b490ced6b7af", "id": "CVE-2017-16119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16119 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:36e6d917-fb8c-5b2b-a6d7-0d276238f510", "id": "CVE-2017-16137", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16137 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:7a896807-ffbc-52c6-aaf5-318bc55b3eab", "id": "CVE-2017-20162", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-20162 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:5e78e630-e14b-52cc-9120-8ef23ada6c92", "id": "CVE-2017-20165", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-20165 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:bd7d9135-03c3-530a-91e1-b7c5140e982e", "id": "CVE-2018-6184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-6184 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:7ccc9f32-3b4e-5427-907e-6aee211736b6", "id": "CVE-2020-15168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15168 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:b3ddf75e-5e33-5f43-8792-ae25f3988cec", "id": "CVE-2020-15366", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15366 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:a5848e9b-b48f-5a7b-88a0-8df2923d5628", "id": "CVE-2020-5284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5284 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:fc8f0f57-530d-5481-a124-657c9a5108b6", "id": "CVE-2020-7598", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7598 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:6e530fe0-9dfb-5b6b-aaf0-d8c667f71178", "id": "CVE-2021-20066", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-20066 is a false positive for next 2.4.9." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:ee879d3c-a991-5d3b-a401-157b094849d6", "id": "CVE-2021-23424", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23424 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:ea4e564a-d044-5967-ac15-a7416d0ba499", "id": "CVE-2021-37699", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37699 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:cb93709b-b567-5907-aa52-d62ab50997b9", "id": "CVE-2021-43803", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43803 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:9201b821-5778-5c8e-ad44-d0a81c00e5c5", "id": "CVE-2021-44906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44906 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:f65337c0-7bd3-5f91-9a39-2726e29e12b5", "id": "CVE-2022-0235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0235 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:91e8f978-bf26-5603-9e44-caea256d3e24", "id": "CVE-2022-37599", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-37599 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:6f19d8c0-1c62-5fe5-8dc1-b934a5ff8749", "id": "CVE-2022-37601", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-37601 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:45da9af8-b388-5733-bc10-8c489c418b04", "id": "CVE-2022-37603", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-37603 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:87574c74-8a9d-598e-a37b-6e9748cc96f6", "id": "CVE-2023-45133", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-45133 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:920095a1-8e1e-5a59-86e1-512a02e5a5d9", "id": "CVE-2023-46298", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46298 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:09abbb7f-ef85-5b23-b102-3e628e19ac0b", "id": "CVE-2024-29180", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29180 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:35cf22cd-fda2-567f-b68f-162bb5169ea5", "id": "CVE-2024-4067", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4067 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:e56861c1-0851-5bcc-9916-d7918bfd646b", "id": "CVE-2024-4068", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4068 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:b580733c-5941-5f94-93dc-4d7b2c8e7740", "id": "CVE-2024-43799", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-43799 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:26e40083-084c-59a4-8941-0b2adac7aa54", "id": "CVE-2025-14505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-14505 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:c8150a34-8de6-53f6-9db5-020a57179ffd", "id": "CVE-2025-27789", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27789 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:c9af3f2b-115c-5fac-b55e-33333ddd7d3d", "id": "CVE-2025-32421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-32421 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:7a43605f-bd96-5495-a7a0-148f57db9070", "id": "CVE-2025-55173", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55173 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:ac00174b-1cc0-53c4-8dd5-c8374d319caa", "id": "CVE-2025-57352", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57352 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:c2244260-7336-50a9-817c-7e57c02a8e9c", "id": "CVE-2025-57752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57752 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:7222aec5-ead4-52cc-bbca-bff48df1fe99", "id": "CVE-2025-57822", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57822 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:6c98f95c-4bf6-5351-b8c8-00a545c5b3d2", "id": "CVE-2025-59472", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59472 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:e911ebec-c940-5a1b-9c2a-428132be0028", "id": "CVE-2025-68458", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-68458 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:6520b2f5-38cc-5eb7-87e6-ced5556f7f58", "id": "CVE-2025-69873", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-69873 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:ce037712-a56b-52ed-b4e3-f5a013bbc807", "id": "CVE-2026-2739", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2739 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:a72d63d1-4753-531b-8d19-0efc62d97ee9", "id": "CVE-2026-41907", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41907 affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:77b35506-2dc6-5e82-8018-03bf51efcbb7", "id": "GHSA-5vj8-3v2h-h38v", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-5vj8-3v2h-h38v affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:61bcd291-0b75-57bc-abf3-8a8a78db74d2", "id": "GHSA-7fhm-mqm4-2wp7", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-7fhm-mqm4-2wp7 is a false positive for next 2.4.9." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] }, { "bom-ref": "urn:uuid:c4c5babc-3e03-569c-a540-b47fb74a7624", "id": "GHSA-w5hq-g745-h8pq", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-w5hq-g745-h8pq affects version 2.4.9 of next." }, "affects": [ { "ref": "pkg:npm/next@2.4.9" } ] } ], "dependencies": [ { "ref": "pkg:npm/next@2.4.9" } ] }