{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d913bed1-7242-5693-9577-e8b591ef09ac", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/undici@6.11.1", "type": "library", "name": "undici", "version": "6.11.1", "purl": "pkg:npm/undici@6.11.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:469503ab-b654-5094-8988-a5c287211849", "id": "CVE-2026-1525", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1525 affects version 6.11.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1" } ] }, { "bom-ref": "urn:uuid:2397d02f-d25b-594d-8749-707997fbbda8", "id": "CVE-2026-1526", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1526 affects version 6.11.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1" } ] }, { "bom-ref": "urn:uuid:4e0cdd18-711c-5939-b230-e13ffd79a1f5", "id": "CVE-2026-1527", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1527 affects version 6.11.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1" } ] }, { "bom-ref": "urn:uuid:1675d2a0-cfde-5fa7-9e4b-668afeb4ccad", "id": "CVE-2026-1528", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1528 affects version 6.11.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1" } ] }, { "bom-ref": "urn:uuid:4d5909a2-12d2-5840-a790-88c435602dea", "id": "CVE-2026-2229", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2229 affects version 6.11.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/undici@6.11.1" } ] }