{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f539af12-5424-52c9-af39-11a220d3e624", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/next@4.2.3", "type": "library", "name": "next", "version": "4.2.3", "purl": "pkg:npm/next@4.2.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:237523f3-6e7c-5ce3-b1c3-241cc7e049b0", "id": "CVE-2020-15168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15168 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:87955c6f-1502-5deb-9698-28c6cd6420fb", "id": "CVE-2020-15366", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15366 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:c541f80e-d3ed-5df3-b4aa-c89353f1970e", "id": "CVE-2020-26226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-26226 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:360e4e83-abf2-5dd2-885e-f589f93d837e", "id": "CVE-2020-5284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5284 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:16ef4f5d-1f11-5b24-a126-8e9e6a44534d", "id": "CVE-2020-7598", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7598 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:1af709cf-d47e-5900-b6f6-d3e0c029bd6c", "id": "CVE-2020-7608", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7608 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:9107bc48-ee7a-5c63-b512-f85c6b5a5004", "id": "CVE-2020-8116", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-8116 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:1e46291a-6413-54d5-a158-88ef777e3648", "id": "CVE-2021-23337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23337 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:81de723f-ee67-585c-aaa8-c850fff8918a", "id": "CVE-2021-23424", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23424 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:8450e7e6-653c-5fe5-a4a4-a0f2ac0ac6ac", "id": "CVE-2021-27290", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27290 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:d2a39c5f-5a05-5f3a-81a2-a5d27dae97d0", "id": "CVE-2021-33623", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33623 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:1eaeb598-b053-5a2b-811a-2894d33a4d58", "id": "CVE-2021-37699", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37699 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:cc0ceb9f-17d8-55c4-8999-127bea9e91d9", "id": "CVE-2021-43803", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43803 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:771cb42b-f873-5184-aa4c-85ec2ed60784", "id": "CVE-2021-44906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44906 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:8da800fe-6662-58fa-9a69-c64f9cf2464d", "id": "CVE-2022-0155", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0155 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:a3fa1cac-dbfa-5b9f-86a1-37fcd48d5540", "id": "CVE-2022-0235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0235 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:ffa1040a-6d75-5264-9d37-0ae52993e6f8", "id": "CVE-2022-0536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0536 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:d463ea54-39f0-531f-a8d1-f580097df3ad", "id": "CVE-2022-25881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25881 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:6c50c451-cc24-56a9-a331-e54bd25271d0", "id": "CVE-2022-25883", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25883 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:b7ccad62-66ce-52d6-8719-8df7cfe91118", "id": "CVE-2022-33987", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-33987 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:bc1e1074-9a16-5013-94dc-00e7f8a2e786", "id": "CVE-2022-46175", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-46175 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:442237ee-3152-5291-bf6c-8643453857f4", "id": "CVE-2023-26136", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26136 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:084adbd8-625c-5edf-a9c2-3c66c39d78bd", "id": "CVE-2023-26159", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26159 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:6d4dea58-144d-538f-80d3-c9da46066ac7", "id": "CVE-2023-28155", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-28155 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:f3d370cf-9bbb-5206-baf7-f8b38ce2b82c", "id": "CVE-2023-45133", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-45133 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:341e79ea-8a83-549c-b6de-809a0ac12220", "id": "CVE-2023-46298", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46298 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:9f3cdfb5-49fd-5d37-b733-159b9b85976d", "id": "CVE-2024-21538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-21538 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:df039394-fa1c-5e1a-a362-3f4e9cb882fa", "id": "CVE-2024-28849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-28849 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:dddd0480-8da8-541b-8cc8-0a990cc5620e", "id": "CVE-2024-29180", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29180 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:78d3e1c8-d766-5e82-beb1-823a988824e7", "id": "CVE-2024-4067", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4067 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:2895a1a7-8a4c-532a-8cd4-07958fbd48f3", "id": "CVE-2024-4068", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4068 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:b78866ce-92af-5488-8dd1-5668445dcdaa", "id": "CVE-2024-43799", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-43799 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:6b346104-0a9a-5036-9b98-bcdd053b50b7", "id": "CVE-2025-14505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-14505 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:6edaab02-fe5b-5750-ae1f-7c05562971aa", "id": "CVE-2025-15284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-15284 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:6762c5d3-8df3-5409-9125-5778a59c1253", "id": "CVE-2025-27789", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27789 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:a70fb17c-61cc-51ae-8834-1f6eb1892c29", "id": "CVE-2025-32421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-32421 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:95a22b89-b3e7-5be6-8bbe-7d4c0b82f6a2", "id": "CVE-2025-55173", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55173 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:ab570156-5d19-5b0c-9f13-f16d8b28ab8b", "id": "CVE-2025-57752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57752 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:ed3b4c06-b26e-5185-b197-29606b8b0e92", "id": "CVE-2025-57822", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57822 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:2b9dfb9b-178f-5e87-ae51-e67beb862e23", "id": "CVE-2025-5889", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5889 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:8a5dc9ca-0c08-588e-9671-fdae96f6174e", "id": "CVE-2025-59472", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59472 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:648da35d-4ab0-5fe6-9e98-18b14ccd7fdc", "id": "CVE-2025-68458", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-68458 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:e7ed185f-60b9-54e6-bfab-d6c9f5fcfa9c", "id": "CVE-2025-69873", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-69873 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:68b07772-12f7-5e4e-ac79-6ad09c71cd62", "id": "CVE-2025-7783", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-7783 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:3d774946-fcec-5bb8-816a-e25ee699e9f9", "id": "CVE-2026-26996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-26996 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:bd36a1a3-51a0-53eb-b990-4ea4e8e3d34b", "id": "CVE-2026-2739", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2739 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:4c2b8b49-25ae-55b9-b48d-62ecaab82cdc", "id": "CVE-2026-33750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33750 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:70bf8247-c867-5ab3-b485-11090c206f74", "id": "CVE-2026-41907", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41907 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:0d2d78c6-1df3-5fe6-8728-00ef2ef126b8", "id": "GHSA-4xcv-9jjx-gfj3", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-4xcv-9jjx-gfj3 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:4dfa12a3-2b88-53c5-9527-9d0923863787", "id": "GHSA-5vj8-3v2h-h38v", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-5vj8-3v2h-h38v affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:66a49057-401f-5bda-8546-ebefbbe2d04a", "id": "GHSA-7fhm-mqm4-2wp7", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-7fhm-mqm4-2wp7 is a false positive for next 4.2.3." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:ba46b6f6-2d22-57c8-ae82-20024beef653", "id": "GHSA-8x6c-cv3v-vp6g", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-8x6c-cv3v-vp6g is a false positive for next 4.2.3." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:64db12b7-7b99-5153-a285-78e29405a25c", "id": "GHSA-r4q5-vmmm-2653", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-r4q5-vmmm-2653 affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] }, { "bom-ref": "urn:uuid:a482a289-df8c-5f95-864f-ecd34272d1a0", "id": "GHSA-w5hq-g745-h8pq", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-w5hq-g745-h8pq affects version 4.2.3 of next." }, "affects": [ { "ref": "pkg:npm/next@4.2.3" } ] } ], "dependencies": [ { "ref": "pkg:npm/next@4.2.3" } ] }