{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6e57cc52-c60a-5cbe-9295-c98d3cb8d5fe", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/webpack-dev-server@3.11.0", "type": "library", "name": "webpack-dev-server", "version": "3.11.0", "purl": "pkg:npm/webpack-dev-server@3.11.0" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b156cfe4-b061-5710-879c-51b7ad0189df", "id": "CVE-2022-0122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0122 affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }, { "bom-ref": "urn:uuid:35d3fed3-b730-5830-87da-56c4b3babcae", "id": "CVE-2022-24771", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24771 affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }, { "bom-ref": "urn:uuid:250199aa-d700-5321-a194-a24ad224194c", "id": "CVE-2022-24772", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24772 affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }, { "bom-ref": "urn:uuid:cc6be40d-203d-5c29-806a-133983dd66ee", "id": "CVE-2022-24773", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24773 affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }, { "bom-ref": "urn:uuid:6d551e0c-e752-5392-b6e5-c97260a6b659", "id": "CVE-2024-21536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-21536 affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }, { "bom-ref": "urn:uuid:ac2ef3f0-ce91-5277-bab5-4b3c63da8f1e", "id": "CVE-2024-29180", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29180 affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }, { "bom-ref": "urn:uuid:42a6e08c-dd66-57e3-b849-ad8e6f4b0efb", "id": "CVE-2025-12816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-12816 affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }, { "bom-ref": "urn:uuid:aa41d378-e472-5272-b13f-4286501bf3e0", "id": "CVE-2025-66030", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66030 affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }, { "bom-ref": "urn:uuid:8d026776-000f-5e0e-9121-e03feba24078", "id": "CVE-2025-66031", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66031 affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }, { "bom-ref": "urn:uuid:15b033d6-5426-58b3-a701-dd9b5074f277", "id": "CVE-2026-33891", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33891 affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }, { "bom-ref": "urn:uuid:731b6a46-9c87-5604-882c-65771a4c9569", "id": "CVE-2026-33894", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33894 affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }, { "bom-ref": "urn:uuid:27b96cb8-fb04-544a-a7cf-575f6adb0dff", "id": "CVE-2026-33895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33895 affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }, { "bom-ref": "urn:uuid:7a362239-ef8b-52cc-b194-8d170ebcfafb", "id": "CVE-2026-33896", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33896 affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }, { "bom-ref": "urn:uuid:631716fb-30f1-5c06-aeef-82bcea437807", "id": "CVE-2026-6402", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-6402 affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }, { "bom-ref": "urn:uuid:b16d5341-13be-5077-93f9-621e8e6d54dd", "id": "GHSA-5rrq-pxf6-6jx5", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-5rrq-pxf6-6jx5 affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }, { "bom-ref": "urn:uuid:b326d4ff-31d7-5698-85c7-a2759b163165", "id": "GHSA-gf8q-jrpm-jvxq", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-gf8q-jrpm-jvxq affects version 3.11.0 of webpack-dev-server." }, "affects": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] } ], "dependencies": [ { "ref": "pkg:npm/webpack-dev-server@3.11.0" } ] }