{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f5b613b0-40e4-59e5-9745-dbfce7289491", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/svelte@3.59.2", "type": "library", "name": "svelte", "version": "3.59.2", "purl": "pkg:npm/svelte@3.59.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1c60e89e-04b4-5af7-a61b-cf47885ec2e1", "id": "CVE-2025-15265", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-15265 affects version 3.59.2 of svelte." }, "affects": [ { "ref": "pkg:npm/svelte@3.59.2" } ] }, { "bom-ref": "urn:uuid:1be102db-84f9-5b76-ae5b-6a68d5a81456", "id": "CVE-2026-42567", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42567 affects version 3.59.2 of svelte." }, "affects": [ { "ref": "pkg:npm/svelte@3.59.2" } ] }, { "bom-ref": "urn:uuid:ea31ee19-dee7-5f4f-8437-82f2afc03b73", "id": "CVE-2026-42573", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42573 affects version 3.59.2 of svelte." }, "affects": [ { "ref": "pkg:npm/svelte@3.59.2" } ] }, { "bom-ref": "urn:uuid:400f526b-993c-5aae-9192-b103cb6130c8", "id": "CVE-2026-42599", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42599 affects version 3.59.2 of svelte." }, "affects": [ { "ref": "pkg:npm/svelte@3.59.2" } ] }, { "bom-ref": "urn:uuid:9ebc9589-04b0-50ff-8887-af6357347e12", "id": "GHSA-f3cj-j4f6-wq85", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-f3cj-j4f6-wq85 affects version 3.59.2 of svelte." }, "affects": [ { "ref": "pkg:npm/svelte@3.59.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/svelte@3.59.2" } ] }