{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5e2a1d7f-60f4-5fcc-a660-2dc17e604843", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/minimatch@2.0.10-tuxcare.1", "type": "library", "name": "minimatch", "version": "2.0.10-tuxcare.1", "purl": "pkg:npm/minimatch@2.0.10-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a548fa36-6d6d-5654-8ecb-cf2258278a8e", "id": "CVE-2016-10540", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-10540 is fixed in version 2.0.10-tuxcare.1 of minimatch." }, "affects": [ { "ref": "pkg:npm/minimatch@2.0.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cde93b53-f50d-50a3-a9e7-0ab4149655cd", "id": "CVE-2022-3517", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-3517 is fixed in version 2.0.10-tuxcare.1 of minimatch." }, "affects": [ { "ref": "pkg:npm/minimatch@2.0.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4096d37e-e5ab-5529-8d5f-f9be3dc9f5df", "id": "CVE-2026-26996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-26996 affects version 2.0.10-tuxcare.1 of minimatch." }, "affects": [ { "ref": "pkg:npm/minimatch@2.0.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f231143b-aa14-570b-8e6c-48fee60a5077", "id": "CVE-2026-27903", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27903 affects version 2.0.10-tuxcare.1 of minimatch." }, "affects": [ { "ref": "pkg:npm/minimatch@2.0.10-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22c1f7c8-3c88-56b4-8f16-34c6f559b4bb", "id": "CVE-2026-27904", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27904 affects version 2.0.10-tuxcare.1 of minimatch." }, "affects": [ { "ref": "pkg:npm/minimatch@2.0.10-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/minimatch@2.0.10-tuxcare.1" } ] }