{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4d106044-7270-518c-a761-005346b2af19", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/vitejs-plugin-react@2.9.18", "type": "library", "name": "vitejs-plugin-react", "version": "2.9.18", "purl": "pkg:npm/vitejs-plugin-react@2.9.18" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1b84f429-4678-5475-b456-c9d13aadd7ca", "id": "CVE-2024-23331", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23331 affects version 2.9.18 of vitejs-plugin-react." }, "affects": [ { "ref": "pkg:npm/vitejs-plugin-react@2.9.18" } ] }, { "bom-ref": "urn:uuid:ffeb761e-f855-5c03-83ab-dead820ceac7", "id": "CVE-2024-31207", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31207 affects version 2.9.18 of vitejs-plugin-react." }, "affects": [ { "ref": "pkg:npm/vitejs-plugin-react@2.9.18" } ] }, { "bom-ref": "urn:uuid:5a25b924-e72c-5fab-8da9-5781b9b55fcb", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 2.9.18 of vitejs-plugin-react." }, "affects": [ { "ref": "pkg:npm/vitejs-plugin-react@2.9.18" } ] }, { "bom-ref": "urn:uuid:cba94592-5dec-5848-bd86-f46251bddabb", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 2.9.18 of vitejs-plugin-react." }, "affects": [ { "ref": "pkg:npm/vitejs-plugin-react@2.9.18" } ] }, { "bom-ref": "urn:uuid:50f6391e-b502-50a3-a4f8-ca05dcf60fc6", "id": "CVE-2026-39365", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39365 affects version 2.9.18 of vitejs-plugin-react." }, "affects": [ { "ref": "pkg:npm/vitejs-plugin-react@2.9.18" } ] } ], "dependencies": [ { "ref": "pkg:npm/vitejs-plugin-react@2.9.18" } ] }