{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:19ab477b-b70f-5c32-8dc8-4f646d1a1240", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/next@6.1.2", "type": "library", "name": "next", "version": "6.1.2", "purl": "pkg:npm/next@6.1.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ad6af4ab-a762-5e73-8a3a-acb4d0ec11f8", "id": "CVE-2018-1109", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1109 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:982d0145-3c59-5474-98c7-bbc5c6626a7a", "id": "CVE-2020-15168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15168 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:175e2208-eb5c-50c2-a89e-ad3b7075636d", "id": "CVE-2020-5284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5284 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:f38fd8d0-9aef-5fc2-93fa-9a74c38338ed", "id": "CVE-2020-7598", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7598 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:5dd51165-40cd-5b03-9d5c-a5676fbc56a4", "id": "CVE-2021-37699", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37699 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:01b2c826-d16d-5026-b96a-10cfbe65bc0a", "id": "CVE-2021-43803", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43803 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:8b0b6ef5-609d-564b-9259-9e4b2f1af923", "id": "CVE-2021-44906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44906 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:95de3ac6-3313-5a6e-abf5-d80114922177", "id": "CVE-2022-0235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0235 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:9d065cda-1dab-5988-b99d-fa3998fc6ad2", "id": "CVE-2023-46298", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-46298 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:7b61c75e-ac87-594f-bb69-b75fb50c3f29", "id": "CVE-2024-29180", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29180 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:7e96f906-fab0-5e01-b12e-f7f03a6ba946", "id": "CVE-2024-4067", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4067 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:d6ba6cad-e1dd-5e85-a577-049731c70afc", "id": "CVE-2024-4068", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4068 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:19bd8eed-e73b-5a26-abfd-534d050a1810", "id": "CVE-2024-45296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45296 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:12d82d1a-5a64-5ca1-9c6f-2d312fca72c0", "id": "CVE-2025-32421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-32421 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:a0b67ed9-99f4-56bc-8cc9-c464c181d309", "id": "CVE-2025-55173", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55173 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:09322cdf-016f-5e91-b2ec-20b2b8a737a9", "id": "CVE-2025-57752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57752 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:779cd458-f297-58b3-85c5-f2c7a7a9d580", "id": "CVE-2025-57822", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-57822 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:db1afb96-ad80-53be-93ea-e97cbcdaca37", "id": "CVE-2025-59472", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59472 affects version 6.1.2 of next." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] }, { "bom-ref": "urn:uuid:fc276edc-6fa0-5701-bd93-bb86fefc49dd", "id": "GHSA-g95f-p29q-9xw4", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-g95f-p29q-9xw4 is a false positive for next 6.1.2." }, "affects": [ { "ref": "pkg:npm/next@6.1.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/next@6.1.2" } ] }