{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eedb38af-db2f-5e34-bc14-9c644b7245a8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/next@3.2.2", "type": "library", "name": "next", "version": "3.2.2", "purl": "pkg:npm/next@3.2.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:536b7804-e91d-533c-b3d9-aa072762907f", "id": "CVE-2017-16119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16119 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:79a196ad-eaa9-50eb-baa2-36ff49de0b29", "id": "CVE-2017-16138", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16138 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:10d1072b-d864-5a8b-ba90-2d83b605032d", "id": "CVE-2018-6184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-6184 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:84416ad4-74ea-5231-8800-39a9a470041f", "id": "CVE-2020-15168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15168 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:6afe546f-cc56-5513-818f-b80757539be2", "id": "CVE-2020-15366", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15366 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:985291de-464b-5089-8a00-47bb8c191df0", "id": "CVE-2020-5284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5284 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:5125f656-bf81-5375-bfb5-580505f73697", "id": "CVE-2020-7598", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7598 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:af081e6e-15bd-515d-b3d2-811346a2a399", "id": "CVE-2020-7608", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7608 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:d3797e71-616c-5d83-9b8e-f6dbc968993a", "id": "CVE-2021-23424", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23424 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:d3a824ef-6a41-5c0c-86ad-8b40d887d2cf", "id": "CVE-2021-37699", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37699 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:89d8e350-3d78-59bc-a5cc-e887e734d7fb", "id": "CVE-2021-43803", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43803 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:f5ec54f2-8ed3-506e-ab1c-b836b698f3c2", "id": "CVE-2021-44906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44906 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:d3ec236e-730b-5622-b148-3ae8d6b253ad", "id": "CVE-2022-0235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0235 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:e7671eab-376a-54ba-8b6e-d538595001a8", "id": "CVE-2022-37599", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-37599 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:5dc13b5d-444e-5c30-b2a3-bd0b16440055", "id": "CVE-2022-37601", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-37601 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:e7be2b90-30dc-5af3-ae38-b25eb53691b0", "id": "CVE-2022-37603", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-37603 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:b8c93185-2ae8-5ef7-a249-323b0d9f70f9", "id": "CVE-2022-46175", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-46175 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:4a86502f-2557-5a6b-80c3-f6f4ac674511", "id": "CVE-2023-45133", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-45133 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:774ea9d5-0b4f-5959-9daf-d1fb016182c5", "id": "CVE-2023-46298", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46298 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:2bbe2240-d095-57b8-b430-461a88fc76fd", "id": "CVE-2024-29180", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29180 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:0f0d693f-1577-5f28-a3b5-b7219ecadf2b", "id": "CVE-2024-4067", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4067 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:602b270d-e653-5ead-82ea-8f3b128d7d91", "id": "CVE-2024-4068", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4068 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:ed0eb43a-c950-5755-9cd4-47d235cea9e4", "id": "CVE-2024-43799", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-43799 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:348bc07a-c32a-5164-8ce9-dd8ef147c710", "id": "CVE-2025-14505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-14505 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:9fa25036-8c11-587a-84be-295f0e18027e", "id": "CVE-2025-27789", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27789 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:80def141-1774-5ebb-ba3e-1a28fe229c6f", "id": "CVE-2025-32421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-32421 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:1607365f-d939-5ee5-a721-415cbcdb7995", "id": "CVE-2025-55173", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55173 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:f4f9ccfb-e80d-59d0-86c9-50037f1c84fe", "id": "CVE-2025-57352", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57352 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:4d5660db-8213-57ce-ac08-e4ab3424ecae", "id": "CVE-2025-57752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57752 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:afaec97d-fcb2-50cc-a459-94dab8ec7d52", "id": "CVE-2025-57822", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57822 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:1e67a315-c3be-55c1-a526-0a2f03658cae", "id": "CVE-2025-5889", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5889 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:3dbdf6e8-948e-5297-8cff-abf52335b644", "id": "CVE-2025-59472", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59472 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:72bf4630-6e58-5247-9aae-b95ed7ebe2f7", "id": "CVE-2025-68458", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-68458 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:3412be8a-bafc-5d7a-a059-7f099b4193c1", "id": "CVE-2025-69873", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-69873 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:d0b7d778-5a07-566b-b90e-fb301b1d5903", "id": "CVE-2026-26996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-26996 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:97453b10-5482-5e71-9dde-13c0d0d19c9d", "id": "CVE-2026-2739", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2739 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:0da64630-cb11-598a-84a4-65998f6e0947", "id": "CVE-2026-33750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33750 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:f1dcb078-90cb-58d7-b921-7c32e0e2b1ff", "id": "CVE-2026-41907", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41907 affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:011389ee-c7e0-5d59-bf89-75fd83389037", "id": "GHSA-5vj8-3v2h-h38v", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-5vj8-3v2h-h38v affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:45951d62-f3f6-5850-a427-4eec9c4b9058", "id": "GHSA-7fhm-mqm4-2wp7", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-7fhm-mqm4-2wp7 is a false positive for next 3.2.2." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] }, { "bom-ref": "urn:uuid:760402e0-840f-53b6-baf5-c3c8d6e68817", "id": "GHSA-w5hq-g745-h8pq", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-w5hq-g745-h8pq affects version 3.2.2 of next." }, "affects": [ { "ref": "pkg:npm/next@3.2.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/next@3.2.2" } ] }