{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bb57c1cd-89b7-558c-90ac-2f07fa5e8198", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/tar@1.0.3-tuxcare.2", "type": "library", "name": "tar", "version": "1.0.3-tuxcare.2", "purl": "pkg:npm/tar@1.0.3-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f53e5070-950e-54cf-9679-20cac188ae4e", "id": "CVE-2015-8860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-8860 is fixed in version 1.0.3-tuxcare.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d736391a-da33-55f9-b46a-b6c7e32ea717", "id": "CVE-2018-20834", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-20834 is fixed in version 1.0.3-tuxcare.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:805b15f6-0d7b-5182-a4a5-41a6c65dc90c", "id": "CVE-2021-32804", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-32804 is fixed in version 1.0.3-tuxcare.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e78909b8-ac40-5a91-a764-9dfe9e2ea4ed", "id": "CVE-2021-37713", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37713 is fixed in version 1.0.3-tuxcare.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:89afecbe-8d1f-550d-9e1d-67fda8f7a09e", "id": "CVE-2024-28863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-28863 is fixed in version 1.0.3-tuxcare.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61e117de-dc0b-5b3d-908b-546d9932cfd1", "id": "CVE-2026-23745", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-23745 is fixed in version 1.0.3-tuxcare.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ea58a9d-8957-5142-967d-efd21ba1709f", "id": "CVE-2026-23950", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-23950 is fixed in version 1.0.3-tuxcare.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b83fa2d-3242-5f12-9cba-753060e01af9", "id": "CVE-2026-24842", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24842 is fixed in version 1.0.3-tuxcare.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:385bfc81-8c28-576c-a377-17610717b8ef", "id": "CVE-2026-26960", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-26960 is fixed in version 1.0.3-tuxcare.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ea9f5e9-12df-5c2a-ba3f-c0714f7b0c38", "id": "CVE-2026-29786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29786 affects version 1.0.3-tuxcare.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16fdb4c3-7f85-5a14-af78-e8c2093104ff", "id": "CVE-2026-31802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-31802 affects version 1.0.3-tuxcare.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.2" } ] }