{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:45a7485b-f012-536d-869e-f80f5e649341", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/connect@2.7.5-tuxcare.1", "type": "library", "name": "connect", "version": "2.7.5-tuxcare.1", "purl": "pkg:npm/connect@2.7.5-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:800bae1e-7540-5503-8c22-c1bf3adaf880", "id": "CVE-2013-7370", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-7370 is fixed in version 2.7.5-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c6db17b-e774-557d-a278-8481f11a6152", "id": "CVE-2013-7371", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2013-7371 is fixed in version 2.7.5-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:139b923a-9a92-5e63-830f-6c2d6225ed08", "id": "CVE-2014-10064", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-10064 affects version 2.7.5-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5723e65-b9e2-5f56-8ec3-ce569f05403a", "id": "CVE-2014-6394", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-6394 affects version 2.7.5-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:994b7e0b-68e8-5c2a-99c7-29892037700e", "id": "CVE-2014-7191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-7191 affects version 2.7.5-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b01eb6c-7a18-5d90-a317-b183dd0034bd", "id": "CVE-2015-8859", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8859 affects version 2.7.5-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85c53a7c-f272-5fad-8eb7-5550eb56fefb", "id": "CVE-2017-1000048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-1000048 affects version 2.7.5-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b19ff286-da2c-5c37-a9c0-02acaffb0854", "id": "CVE-2017-16119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16119 affects version 2.7.5-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb5efc3e-48a1-542f-a9bb-0f3805ee1e51", "id": "CVE-2017-16138", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16138 affects version 2.7.5-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:106af5a9-c812-5994-9e32-5abd31fa828b", "id": "CVE-2018-3717", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-3717 is fixed in version 2.7.5-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2bc41d12-b76e-5d89-9921-39e9fff6b659", "id": "CVE-2022-24999", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24999 affects version 2.7.5-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21d3fa48-54ae-5d24-a345-724e230d5695", "id": "CVE-2024-43799", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-43799 affects version 2.7.5-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8796d36-87a6-5735-9924-8fc2b6841548", "id": "CVE-2025-15284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-15284 affects version 2.7.5-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e4d2e9d-0ca9-5c84-b37c-dd2f873ce78c", "id": "CVE-2026-2391", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2391 affects version 2.7.5-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6933dc80-731f-588d-8dce-af360a44bbdf", "id": "CVE-2026-8723", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-8723 affects version 2.7.5-tuxcare.1 of connect." }, "affects": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/connect@2.7.5-tuxcare.1" } ] }