{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:17f917a6-8407-5484-8656-47df92fe7607", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/connect@2.6.0-tuxcare.1", "type": "library", "name": "connect", "version": "2.6.0-tuxcare.1", "purl": "pkg:npm/connect@2.6.0-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7ab0b3a0-8fe6-5074-a8e1-ea0918aadb7c", "id": "CVE-2013-7370", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-7370 is fixed in version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba56b54e-250e-5096-90c5-c8d2e772247f", "id": "CVE-2013-7371", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-7371 is fixed in version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:feac6e3a-eb6d-5f57-828a-0a437e0ef511", "id": "CVE-2014-10064", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-10064 affects version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63bc3bc3-536f-5042-820d-909f00ace983", "id": "CVE-2014-6394", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-6394 affects version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f792cd23-61a0-5f67-aaa0-c22d1a6d016e", "id": "CVE-2014-7191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-7191 affects version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a97fa4ca-e199-57b7-8eb5-b8cf157aa966", "id": "CVE-2015-8859", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8859 affects version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:119eb654-4dd9-50ae-8a45-eeda48df2d67", "id": "CVE-2017-1000048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-1000048 affects version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ec51b53-6f39-5729-adea-ff047e8367c9", "id": "CVE-2017-16119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16119 affects version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c62775f3-6913-5aef-9c35-023e973e4840", "id": "CVE-2017-16138", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16138 affects version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e40b8b92-bf22-511f-9dcd-806771e0b54e", "id": "CVE-2018-3717", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-3717 is fixed in version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f763eb6d-f57c-573d-8315-5ba1fe7d6bd8", "id": "CVE-2022-24999", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24999 affects version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cfbeefbc-8e9c-5972-83e7-2dd6c4c58ac1", "id": "CVE-2024-43799", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-43799 affects version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:458485a1-4ca6-53a5-86e2-221c799c1e14", "id": "CVE-2024-47764", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47764 affects version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d171bd8-64f7-531a-ba30-5bf5adfc0a16", "id": "CVE-2025-15284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-15284 affects version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a5bd5af-1e6a-56b3-a748-fdcb8b7e7811", "id": "CVE-2026-2391", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2391 affects version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d4c9ba4-66d7-5d54-bd46-90b25b41feab", "id": "CVE-2026-8723", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-8723 affects version 2.6.0-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/connect@2.6.0-tuxcare.1" } ] }