{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1b495f1f-b1a6-507d-b871-2c2e14d73ae9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/dompurify@2.4.0-tuxcare.1", "type": "library", "name": "dompurify", "version": "2.4.0-tuxcare.1", "purl": "pkg:npm/dompurify@2.4.0-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4421042d-6e3f-58c8-bc00-a3a9e9ed6b29", "id": "CVE-2024-45801", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-45801 is fixed in version 2.4.0-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef5724d5-a7f2-5b8f-a03d-82a7a794b7e0", "id": "CVE-2024-47875", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47875 is fixed in version 2.4.0-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ad6ab4b-5e4f-5496-b329-d4ed1f7ed259", "id": "CVE-2024-48910", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-48910 is fixed in version 2.4.0-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a78e4eb1-d3a8-5fb7-935e-def78f07012c", "id": "CVE-2025-26791", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-26791 is fixed in version 2.4.0-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:316f3819-df17-558e-8bd4-c493ceba2adf", "id": "CVE-2026-0540", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-0540 affects version 2.4.0-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:362365cf-3010-574b-aa11-ee86b54d535c", "id": "CVE-2026-41239", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-41239 is fixed in version 2.4.0-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01fcab4c-72be-5dd9-841e-4461506b5a53", "id": "CVE-2026-41240", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-41240 is fixed in version 2.4.0-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ab38e8d-219d-5bc7-ac93-010ef3976c2e", "id": "GHSA-39q2-94rc-95cp", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-39q2-94rc-95cp is fixed in version 2.4.0-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04a63a17-8ed3-5d16-a971-567cb3174705", "id": "GHSA-cj63-jhhr-wcxv", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-cj63-jhhr-wcxv is fixed in version 2.4.0-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:941c1fec-465f-5250-a357-de714293990d", "id": "GHSA-cjmm-f4jc-qw8r", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-cjmm-f4jc-qw8r is fixed in version 2.4.0-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b533cc3-a432-5de6-9afb-4f9fec5c992c", "id": "GHSA-h8r8-wccr-v5f2", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-h8r8-wccr-v5f2 is fixed in version 2.4.0-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.0-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/dompurify@2.4.0-tuxcare.1" } ] }