{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:83ad6fe4-9364-579f-8c56-ced19559636d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/yui@3.18.1", "type": "library", "name": "yui", "version": "3.18.1", "purl": "pkg:npm/yui@3.18.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f94204d6-b0e8-543d-9d72-1fc1b06e5192", "id": "CVE-2016-2515", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-2515 affects version 3.18.1 of yui." }, "affects": [ { "ref": "pkg:npm/yui@3.18.1" } ] }, { "bom-ref": "urn:uuid:5f4425e0-611b-53fb-b73d-8106b9443228", "id": "CVE-2017-1000048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-1000048 affects version 3.18.1 of yui." }, "affects": [ { "ref": "pkg:npm/yui@3.18.1" } ] }, { "bom-ref": "urn:uuid:7bbb32f8-fb3e-57df-9739-f9d04432d580", "id": "CVE-2017-16026", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16026 affects version 3.18.1 of yui." }, "affects": [ { "ref": "pkg:npm/yui@3.18.1" } ] }, { "bom-ref": "urn:uuid:f75e5abe-3965-5922-8e1a-e7a8df344879", "id": "CVE-2017-16138", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16138 affects version 3.18.1 of yui." }, "affects": [ { "ref": "pkg:npm/yui@3.18.1" } ] }, { "bom-ref": "urn:uuid:c8fca1b2-7e0c-53ee-a6ea-1f98740b15ac", "id": "CVE-2018-3728", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-3728 affects version 3.18.1 of yui." }, "affects": [ { "ref": "pkg:npm/yui@3.18.1" } ] }, { "bom-ref": "urn:uuid:5647b0e6-57f5-58a6-8182-b7abfdcc4c2b", "id": "CVE-2020-36604", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-36604 affects version 3.18.1 of yui." }, "affects": [ { "ref": "pkg:npm/yui@3.18.1" } ] }, { "bom-ref": "urn:uuid:c08d2602-1c7d-5899-9eb5-fb9117f4fc38", "id": "CVE-2022-24999", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24999 affects version 3.18.1 of yui." }, "affects": [ { "ref": "pkg:npm/yui@3.18.1" } ] }, { "bom-ref": "urn:uuid:09653e8d-c5a1-5b44-bc06-31547111bcca", "id": "CVE-2022-29167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29167 affects version 3.18.1 of yui." }, "affects": [ { "ref": "pkg:npm/yui@3.18.1" } ] }, { "bom-ref": "urn:uuid:3c364c19-d329-5058-996c-bd8e5fbb5b54", "id": "CVE-2023-28155", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-28155 affects version 3.18.1 of yui." }, "affects": [ { "ref": "pkg:npm/yui@3.18.1" } ] }, { "bom-ref": "urn:uuid:20407b91-39fd-5022-b5b1-530405e65606", "id": "CVE-2025-15284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-15284 affects version 3.18.1 of yui." }, "affects": [ { "ref": "pkg:npm/yui@3.18.1" } ] }, { "bom-ref": "urn:uuid:6615a808-0a9d-51d5-a8aa-ce4e146c2c5c", "id": "CVE-2025-7783", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-7783 affects version 3.18.1 of yui." }, "affects": [ { "ref": "pkg:npm/yui@3.18.1" } ] }, { "bom-ref": "urn:uuid:7865b57f-142a-581a-b440-005746eec4dd", "id": "CVE-2026-2391", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2391 affects version 3.18.1 of yui." }, "affects": [ { "ref": "pkg:npm/yui@3.18.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/yui@3.18.1" } ] }