{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8c1f2b92-8efd-50e3-af53-c29a0b15ebd4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/nodemailer@2.7.2-tuxcare.1", "type": "library", "name": "nodemailer", "version": "2.7.2-tuxcare.1", "purl": "pkg:npm/nodemailer@2.7.2-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5568f66c-d28a-5853-ba00-a0329e0bc409", "id": "CVE-2020-7769", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-7769 is fixed in version 2.7.2-tuxcare.1 of nodemailer." }, "affects": [ { "ref": "pkg:npm/nodemailer@2.7.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d28caf85-c36e-57f7-9811-c1fb4163edc7", "id": "CVE-2021-23400", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-23400 is fixed in version 2.7.2-tuxcare.1 of nodemailer." }, "affects": [ { "ref": "pkg:npm/nodemailer@2.7.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5bbf6f4-a002-57ee-8f4f-dcd9c8c2096a", "id": "CVE-2025-13033", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-13033 is fixed in version 2.7.2-tuxcare.1 of nodemailer." }, "affects": [ { "ref": "pkg:npm/nodemailer@2.7.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f18a05a9-19ce-5a96-82b1-9c097cd9d709", "id": "CVE-2025-14874", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-14874 is fixed in version 2.7.2-tuxcare.1 of nodemailer." }, "affects": [ { "ref": "pkg:npm/nodemailer@2.7.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0129d12-89db-5cee-b43d-62b458cb6bec", "id": "GHSA-9h6g-pr28-7cqp", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-9h6g-pr28-7cqp is fixed in version 2.7.2-tuxcare.1 of nodemailer." }, "affects": [ { "ref": "pkg:npm/nodemailer@2.7.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b82831a9-0193-50fd-b319-d1e2013e9b7f", "id": "GHSA-c7w3-x93f-qmm8", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-c7w3-x93f-qmm8 affects version 2.7.2-tuxcare.1 of nodemailer." }, "affects": [ { "ref": "pkg:npm/nodemailer@2.7.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bdaac4ad-816e-502a-a793-db0422c7c1d6", "id": "GHSA-jj37-3377-m6vv", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-jj37-3377-m6vv is a false positive for nodemailer 2.7.2-tuxcare.1." }, "affects": [ { "ref": "pkg:npm/nodemailer@2.7.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:506a1b59-e750-5111-a9b9-e50df6c12616", "id": "GHSA-mm7p-fcc7-pg87", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-mm7p-fcc7-pg87 affects version 2.7.2-tuxcare.1 of nodemailer." }, "affects": [ { "ref": "pkg:npm/nodemailer@2.7.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c26c04e-23a6-5c0a-b42a-d101eb9f2625", "id": "GHSA-rcmh-qjqh-p98v", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-rcmh-qjqh-p98v is fixed in version 2.7.2-tuxcare.1 of nodemailer." }, "affects": [ { "ref": "pkg:npm/nodemailer@2.7.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:acf61aa7-e44b-5dfe-82d2-30e5f7a5dfd3", "id": "GHSA-vvjj-xcjg-gr5g", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-vvjj-xcjg-gr5g affects version 2.7.2-tuxcare.1 of nodemailer." }, "affects": [ { "ref": "pkg:npm/nodemailer@2.7.2-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/nodemailer@2.7.2-tuxcare.1" } ] }