{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2554a3ee-dafc-5eee-9780-678313aa4f69", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/svelte@0.3.0", "type": "library", "name": "svelte", "version": "0.3.0", "purl": "pkg:npm/svelte@0.3.0" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4fd5f01a-9fbd-54c3-bb43-76929522ce78", "id": "CVE-2025-15265", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-15265 affects version 0.3.0 of svelte." }, "affects": [ { "ref": "pkg:npm/svelte@0.3.0" } ] }, { "bom-ref": "urn:uuid:81b446f0-5b58-5225-89f2-2358c67e1c83", "id": "CVE-2026-42567", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42567 affects version 0.3.0 of svelte." }, "affects": [ { "ref": "pkg:npm/svelte@0.3.0" } ] }, { "bom-ref": "urn:uuid:b0f6da22-ddd8-558e-940a-2812e9a86fe1", "id": "CVE-2026-42573", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42573 affects version 0.3.0 of svelte." }, "affects": [ { "ref": "pkg:npm/svelte@0.3.0" } ] }, { "bom-ref": "urn:uuid:65588701-5cfc-5ce2-9a6b-b9d1c5646acc", "id": "CVE-2026-42599", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42599 affects version 0.3.0 of svelte." }, "affects": [ { "ref": "pkg:npm/svelte@0.3.0" } ] }, { "bom-ref": "urn:uuid:6c97a54a-4c94-5bed-918a-b6d4fe30022b", "id": "GHSA-f3cj-j4f6-wq85", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-f3cj-j4f6-wq85 affects version 0.3.0 of svelte." }, "affects": [ { "ref": "pkg:npm/svelte@0.3.0" } ] } ], "dependencies": [ { "ref": "pkg:npm/svelte@0.3.0" } ] }