{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9e15af7e-5000-5db3-a5f7-83fb44f2b671", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/vite@2.9.18", "type": "library", "name": "vite", "version": "2.9.18", "purl": "pkg:npm/vite@2.9.18" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:179fd1a0-cfc9-5a7e-8ffa-2ea89063a4de", "id": "CVE-2024-23331", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23331 affects version 2.9.18 of vite." }, "affects": [ { "ref": "pkg:npm/vite@2.9.18" } ] }, { "bom-ref": "urn:uuid:c2809e6c-3d87-58fd-a79d-d23b96c911b1", "id": "CVE-2024-31207", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31207 affects version 2.9.18 of vite." }, "affects": [ { "ref": "pkg:npm/vite@2.9.18" } ] }, { "bom-ref": "urn:uuid:ea656550-765d-5f97-ab59-306ab5667d93", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 2.9.18 of vite." }, "affects": [ { "ref": "pkg:npm/vite@2.9.18" } ] }, { "bom-ref": "urn:uuid:8c04edf4-c2b7-53c1-8fd5-0f77b9f3c9f4", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 2.9.18 of vite." }, "affects": [ { "ref": "pkg:npm/vite@2.9.18" } ] }, { "bom-ref": "urn:uuid:4557cf72-f3bf-5f9f-bd6a-4b78709b594d", "id": "CVE-2026-39365", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39365 affects version 2.9.18 of vite." }, "affects": [ { "ref": "pkg:npm/vite@2.9.18" } ] } ], "dependencies": [ { "ref": "pkg:npm/vite@2.9.18" } ] }