{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:da4cc06d-86d3-5327-bbae-daffb128e2f3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/tar@6.0.2", "type": "library", "name": "tar", "version": "6.0.2", "purl": "pkg:npm/tar@6.0.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c60248c0-5be9-503f-97d0-962dbefa97a4", "id": "CVE-2026-23745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23745 affects version 6.0.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@6.0.2" } ] }, { "bom-ref": "urn:uuid:3fc4d15c-9ae5-5b69-a757-18a20f44a060", "id": "CVE-2026-23950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23950 affects version 6.0.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@6.0.2" } ] }, { "bom-ref": "urn:uuid:4f48f9b8-125e-5c6f-8f73-07e55336c7ae", "id": "CVE-2026-24842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24842 affects version 6.0.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@6.0.2" } ] }, { "bom-ref": "urn:uuid:762088a6-da0e-529b-884f-bf7f8cedf2bd", "id": "CVE-2026-26960", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-26960 affects version 6.0.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@6.0.2" } ] }, { "bom-ref": "urn:uuid:73ce6e89-3903-579c-947e-3716edfb4463", "id": "CVE-2026-29786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29786 affects version 6.0.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@6.0.2" } ] }, { "bom-ref": "urn:uuid:f67bd885-a556-5cb9-bb94-6d77d4c6eda0", "id": "CVE-2026-31802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-31802 affects version 6.0.2 of tar." }, "affects": [ { "ref": "pkg:npm/tar@6.0.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/tar@6.0.2" } ] }