{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a444659a-7c71-5041-a6b6-b3d85c9f7bbb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/express@3.21.2-tuxcare.1", "type": "library", "name": "express", "version": "3.21.2-tuxcare.1", "purl": "pkg:npm/express@3.21.2-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4debfd42-3200-549a-bac8-fc4cca4a574c", "id": "CVE-2016-10539", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-10539 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9300813f-948b-5fa9-91c4-f84fe5d878a7", "id": "CVE-2017-1000048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-1000048 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:921ff062-09f1-54e9-91d9-a0dd7379fd28", "id": "CVE-2017-16119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16119 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:655cca08-cb35-5d57-b4f7-720a77fa5f04", "id": "CVE-2017-16137", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16137 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc1ddcf9-f8a7-55c0-bde2-ce28acc56816", "id": "CVE-2017-20162", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-20162 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0cbf7b9d-bfd0-5eb6-9bd4-dfabb7e39d2b", "id": "CVE-2017-20165", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-20165 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c447324d-b579-5eaa-b694-deb0e1c579a1", "id": "CVE-2019-5413", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-5413 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b599b806-bef2-5f48-b293-c76b1ddba043", "id": "CVE-2020-7598", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7598 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:553f4119-1b52-5dec-8cdf-217b8b21f648", "id": "CVE-2021-44906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44906 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d45844a5-2577-5db9-88b6-4411f89a7bde", "id": "CVE-2022-24999", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24999 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2571d749-7437-5bab-80fd-7b9561418cca", "id": "CVE-2024-10491", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-10491 is fixed in version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84d95b87-8aa9-592e-88a0-a3df2c7a3388", "id": "CVE-2024-29041", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29041 is fixed in version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7e1c330-2aa3-5d76-9baa-73eb382fc98c", "id": "CVE-2024-43796", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-43796 is fixed in version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d2a09e2-73d6-5d7d-9e9e-d765f170d1f2", "id": "CVE-2024-43799", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-43799 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9482f00d-dd2f-59d6-b7de-b6b3e71f2a54", "id": "CVE-2024-43800", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-43800 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2fa22899-e680-5ed1-a7ac-3e2e83bf97ed", "id": "CVE-2024-45590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45590 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92dea274-f6bd-55fd-95e5-9f55155cb7f0", "id": "CVE-2024-47178", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47178 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:012266aa-0070-5ed9-8cd6-e0613d8057d1", "id": "CVE-2024-47764", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47764 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3a652cc-9337-5634-94f0-a8e1076c403c", "id": "CVE-2024-9266", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9266 is fixed in version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf3cc52b-1e74-52df-8e03-c8ab7747414c", "id": "CVE-2025-15284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-15284 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7aad7f53-bac8-57ef-b954-624c29e474f8", "id": "CVE-2025-7339", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-7339 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:509ea0ca-06de-5202-9f52-e12b8a2b1933", "id": "CVE-2026-2391", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2391 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95a29bc3-66dd-5644-b712-c582eba3b262", "id": "CVE-2026-8159", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-8159 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32776398-e938-511b-9e8d-c96e370683c5", "id": "CVE-2026-8161", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-8161 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2639d08-e2ee-52e5-b17c-6f58c524cf1c", "id": "CVE-2026-8162", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-8162 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d6ab102-94f9-504e-8738-a4df4e0995f1", "id": "CVE-2026-8723", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-8723 affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa376ed1-896f-5f57-8a62-8ff1536e9fb7", "id": "GHSA-7fhm-mqm4-2wp7", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-7fhm-mqm4-2wp7 is a false positive for express 3.21.2-tuxcare.1." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e9a4bde-655e-523c-ad19-0606ba0fa14f", "id": "GHSA-j4mr-9xw3-c9jx", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-j4mr-9xw3-c9jx affects version 3.21.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/express@3.21.2-tuxcare.1" } ] }