{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b5c46037-1526-5890-bdb6-3b565ea936bc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/angular-upgrade@8.0.3", "type": "library", "name": "angular-upgrade", "version": "8.0.3", "purl": "pkg:npm/angular-upgrade@8.0.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7243246e-e4d4-56c3-b28a-13e4105567cb", "id": "CVE-2021-4231", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-4231 affects version 8.0.3 of angular-upgrade." }, "affects": [ { "ref": "pkg:npm/angular-upgrade@8.0.3" } ] }, { "bom-ref": "urn:uuid:8f7192da-91e9-500e-862a-23b17db33060", "id": "CVE-2025-66035", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66035 affects version 8.0.3 of angular-upgrade." }, "affects": [ { "ref": "pkg:npm/angular-upgrade@8.0.3" } ] }, { "bom-ref": "urn:uuid:9c4e89d5-f468-56c3-a4c4-ccf891473ba5", "id": "CVE-2025-66412", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66412 affects version 8.0.3 of angular-upgrade." }, "affects": [ { "ref": "pkg:npm/angular-upgrade@8.0.3" } ] }, { "bom-ref": "urn:uuid:84b88d37-3c78-5dde-94b5-73c16c12d8cf", "id": "CVE-2026-22610", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22610 affects version 8.0.3 of angular-upgrade." }, "affects": [ { "ref": "pkg:npm/angular-upgrade@8.0.3" } ] } ], "dependencies": [ { "ref": "pkg:npm/angular-upgrade@8.0.3" } ] }