{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6e9c4fbf-0f05-5561-b818-4d9ecea893ed", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/vite@5.4.8", "type": "library", "name": "vite", "version": "5.4.8", "purl": "pkg:npm/vite@5.4.8" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8e7695af-465e-5f23-9d0e-b590d1fb9fef", "id": "CVE-2025-24010", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24010 affects version 5.4.8 of vite." }, "affects": [ { "ref": "pkg:npm/vite@5.4.8" } ] }, { "bom-ref": "urn:uuid:dd8e9d10-54d9-59a8-a5a6-e299a490b8ea", "id": "CVE-2025-30208", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-30208 affects version 5.4.8 of vite." }, "affects": [ { "ref": "pkg:npm/vite@5.4.8" } ] }, { "bom-ref": "urn:uuid:72886a4b-6bea-5b53-a347-dd1a0cee4dbb", "id": "CVE-2025-31125", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31125 affects version 5.4.8 of vite." }, "affects": [ { "ref": "pkg:npm/vite@5.4.8" } ] }, { "bom-ref": "urn:uuid:ba39a433-ffec-5dc1-9276-e4768d301e57", "id": "CVE-2025-31486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31486 affects version 5.4.8 of vite." }, "affects": [ { "ref": "pkg:npm/vite@5.4.8" } ] }, { "bom-ref": "urn:uuid:702ec4d6-f1de-5b2a-8144-5e56efecd153", "id": "CVE-2025-32395", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-32395 affects version 5.4.8 of vite." }, "affects": [ { "ref": "pkg:npm/vite@5.4.8" } ] }, { "bom-ref": "urn:uuid:4cb4b549-c8db-5ceb-952c-2efc7c559fdd", "id": "CVE-2025-46565", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46565 affects version 5.4.8 of vite." }, "affects": [ { "ref": "pkg:npm/vite@5.4.8" } ] }, { "bom-ref": "urn:uuid:6dcb7f89-a548-5597-9e2c-38276a84eb06", "id": "CVE-2025-58751", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58751 affects version 5.4.8 of vite." }, "affects": [ { "ref": "pkg:npm/vite@5.4.8" } ] }, { "bom-ref": "urn:uuid:d27b79a8-5f97-56d1-8eea-6cf98f824b04", "id": "CVE-2025-58752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58752 affects version 5.4.8 of vite." }, "affects": [ { "ref": "pkg:npm/vite@5.4.8" } ] }, { "bom-ref": "urn:uuid:3ffdcc92-5fd7-5e98-980e-c204ee4a3dd9", "id": "CVE-2025-62522", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-62522 affects version 5.4.8 of vite." }, "affects": [ { "ref": "pkg:npm/vite@5.4.8" } ] }, { "bom-ref": "urn:uuid:c5d48b75-cdb4-537c-a72c-b2eaa889c83e", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 5.4.8 of vite." }, "affects": [ { "ref": "pkg:npm/vite@5.4.8" } ] }, { "bom-ref": "urn:uuid:ae32267d-a5b5-597a-ad27-924aea6c0985", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 5.4.8 of vite." }, "affects": [ { "ref": "pkg:npm/vite@5.4.8" } ] }, { "bom-ref": "urn:uuid:5d71b929-bdb1-54b7-8263-1b393162badf", "id": "CVE-2026-39365", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39365 affects version 5.4.8 of vite." }, "affects": [ { "ref": "pkg:npm/vite@5.4.8" } ] } ], "dependencies": [ { "ref": "pkg:npm/vite@5.4.8" } ] }