{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:40c76cde-2719-5ca4-b91b-805073c3dda3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/protobufjs@6.8.8", "type": "library", "name": "protobufjs", "version": "6.8.8", "purl": "pkg:npm/protobufjs@6.8.8" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5effb16d-8157-5cb8-9b26-d101762d2fe7", "id": "CVE-2026-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41242 affects version 6.8.8 of protobufjs." }, "affects": [ { "ref": "pkg:npm/protobufjs@6.8.8" } ] }, { "bom-ref": "urn:uuid:71f7b797-d353-51d4-9c85-5a6cb7331322", "id": "CVE-2026-44288", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44288 affects version 6.8.8 of protobufjs." }, "affects": [ { "ref": "pkg:npm/protobufjs@6.8.8" } ] }, { "bom-ref": "urn:uuid:28f52b98-3808-5970-9ae7-69cd867b2f83", "id": "CVE-2026-44289", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44289 affects version 6.8.8 of protobufjs." }, "affects": [ { "ref": "pkg:npm/protobufjs@6.8.8" } ] }, { "bom-ref": "urn:uuid:6fd61112-1afc-5325-ac4c-c22e625e1ea9", "id": "CVE-2026-44290", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44290 affects version 6.8.8 of protobufjs." }, "affects": [ { "ref": "pkg:npm/protobufjs@6.8.8" } ] }, { "bom-ref": "urn:uuid:6a77a85d-5514-5ba6-a216-a9c2ccbd0420", "id": "CVE-2026-44291", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44291 affects version 6.8.8 of protobufjs." }, "affects": [ { "ref": "pkg:npm/protobufjs@6.8.8" } ] }, { "bom-ref": "urn:uuid:de8b01a7-193f-5250-8c95-4885e099346a", "id": "CVE-2026-44292", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44292 affects version 6.8.8 of protobufjs." }, "affects": [ { "ref": "pkg:npm/protobufjs@6.8.8" } ] }, { "bom-ref": "urn:uuid:c1c4f213-00d3-5dc2-9ece-449f120b5805", "id": "CVE-2026-44293", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44293 affects version 6.8.8 of protobufjs." }, "affects": [ { "ref": "pkg:npm/protobufjs@6.8.8" } ] }, { "bom-ref": "urn:uuid:02561470-542c-593e-96b2-8fef9efb1f35", "id": "CVE-2026-44294", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44294 affects version 6.8.8 of protobufjs." }, "affects": [ { "ref": "pkg:npm/protobufjs@6.8.8" } ] }, { "bom-ref": "urn:uuid:64224beb-5bb9-57fc-9d22-131b596fa254", "id": "CVE-2026-45740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45740 affects version 6.8.8 of protobufjs." }, "affects": [ { "ref": "pkg:npm/protobufjs@6.8.8" } ] }, { "bom-ref": "urn:uuid:b4f3933e-6cdb-5627-929f-d94ad7739bfe", "id": "GHSA-xq3m-2v4x-88gg", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xq3m-2v4x-88gg affects version 6.8.8 of protobufjs." }, "affects": [ { "ref": "pkg:npm/protobufjs@6.8.8" } ] } ], "dependencies": [ { "ref": "pkg:npm/protobufjs@6.8.8" } ] }