{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4a59f08b-8b99-57d9-a3c7-2be3dbf6dcbf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/vitejs-plugin-legacy@2.9.18", "type": "library", "name": "vitejs-plugin-legacy", "version": "2.9.18", "purl": "pkg:npm/vitejs-plugin-legacy@2.9.18" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f1f9a3f3-e54f-5d8a-b762-831517cbe5c0", "id": "CVE-2024-23331", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23331 affects version 2.9.18 of vitejs-plugin-legacy." }, "affects": [ { "ref": "pkg:npm/vitejs-plugin-legacy@2.9.18" } ] }, { "bom-ref": "urn:uuid:11b9aa50-074a-5dc2-93c6-4950762576bb", "id": "CVE-2024-31207", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31207 affects version 2.9.18 of vitejs-plugin-legacy." }, "affects": [ { "ref": "pkg:npm/vitejs-plugin-legacy@2.9.18" } ] }, { "bom-ref": "urn:uuid:d24c0e34-498a-52d8-b7cd-a960e3f2f8de", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 2.9.18 of vitejs-plugin-legacy." }, "affects": [ { "ref": "pkg:npm/vitejs-plugin-legacy@2.9.18" } ] }, { "bom-ref": "urn:uuid:b50b09e9-7340-5328-bd09-0e806dc63d70", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 2.9.18 of vitejs-plugin-legacy." }, "affects": [ { "ref": "pkg:npm/vitejs-plugin-legacy@2.9.18" } ] }, { "bom-ref": "urn:uuid:07405f17-6f0c-5846-bd63-3506d7069dd0", "id": "CVE-2026-39365", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39365 affects version 2.9.18 of vitejs-plugin-legacy." }, "affects": [ { "ref": "pkg:npm/vitejs-plugin-legacy@2.9.18" } ] } ], "dependencies": [ { "ref": "pkg:npm/vitejs-plugin-legacy@2.9.18" } ] }