{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:aa0e334e-eec9-5ca0-9dcc-8b7efad530af", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/vite@4.2.1", "type": "library", "name": "vite", "version": "4.2.1", "purl": "pkg:npm/vite@4.2.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:abb3f7ca-89a0-5fe3-869b-d9afff308e65", "id": "CVE-2023-34092", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34092 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:03749dc0-42b9-5cc9-a161-6bee16463df0", "id": "CVE-2024-23331", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23331 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:10565a73-bf46-5541-ab2e-efc7405b32ba", "id": "CVE-2024-31207", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31207 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:e929496b-8200-5805-a42e-37a79187aeee", "id": "CVE-2024-45811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45811 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:96a14fb5-6535-5d99-ab81-250923b370ef", "id": "CVE-2024-45812", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45812 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:4daf461c-ed51-57e3-a400-e4a978196364", "id": "CVE-2025-24010", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24010 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:d21015f8-7d29-54b7-ba34-77c000aad599", "id": "CVE-2025-30208", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-30208 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:2f24fabf-215a-579b-aa16-46c9ba98679e", "id": "CVE-2025-31125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31125 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:5963b06b-0386-5c44-a32a-6a1ea859776e", "id": "CVE-2025-31486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31486 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:01c208be-d347-58d2-9530-b1fa59560ac1", "id": "CVE-2025-32395", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-32395 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:f579a6fd-0ef1-5aaf-ac48-6dd53e1a88bb", "id": "CVE-2025-46565", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46565 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:a2b3d37a-4ef4-5eac-8062-7561114b9f1f", "id": "CVE-2025-58751", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58751 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:93e1f855-640e-502d-b1c2-f82db50de33b", "id": "CVE-2025-58752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58752 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:2d577518-b2c9-5005-b98c-ca9e9fc3eee9", "id": "CVE-2025-62522", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-62522 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:61e9aa3d-ee94-5ca5-8b6c-f0a63760edef", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:a7081d3d-a6cc-5eba-aa30-ba79faa508d9", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] }, { "bom-ref": "urn:uuid:944f6659-21b5-5f77-9db1-47835f90d6b1", "id": "CVE-2026-39365", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39365 affects version 4.2.1 of vite." }, "affects": [ { "ref": "pkg:npm/vite@4.2.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/vite@4.2.1" } ] }