{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:75cc184d-2375-58db-85e7-0ad68df5f194", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/dompurify@2.4.7-tuxcare.1", "type": "library", "name": "dompurify", "version": "2.4.7-tuxcare.1", "purl": "pkg:npm/dompurify@2.4.7-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ceaeaf5f-3063-54d1-a9ab-b68806f12fa3", "id": "CVE-2024-45801", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-45801 is fixed in version 2.4.7-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bca71484-aff8-59e1-9eb4-237ef5396330", "id": "CVE-2024-47875", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47875 is fixed in version 2.4.7-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84553854-6c6b-5e26-a782-566667caf28c", "id": "CVE-2025-26791", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-26791 is fixed in version 2.4.7-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2bb5a6ad-3501-59c5-8e89-3193b8af748b", "id": "CVE-2026-0540", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-0540 affects version 2.4.7-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a8363df-aaea-59dd-9de2-f12fc994d65c", "id": "CVE-2026-41239", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-41239 is fixed in version 2.4.7-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89f40bec-606d-5391-9317-e4f14fcf1589", "id": "CVE-2026-41240", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-41240 is fixed in version 2.4.7-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86468b0c-6c30-5d85-a887-2db67480fb8e", "id": "GHSA-39q2-94rc-95cp", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-39q2-94rc-95cp is fixed in version 2.4.7-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12c86750-c8f1-5fa2-ab7f-a2847fff7ad2", "id": "GHSA-cj63-jhhr-wcxv", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-cj63-jhhr-wcxv is fixed in version 2.4.7-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb3953fe-9d3a-5f1d-90c6-a651d70e9f58", "id": "GHSA-cjmm-f4jc-qw8r", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-cjmm-f4jc-qw8r is fixed in version 2.4.7-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.7-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a05b32b3-dcdf-5e4c-b3ef-9e561131f55c", "id": "GHSA-h8r8-wccr-v5f2", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-h8r8-wccr-v5f2 is fixed in version 2.4.7-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@2.4.7-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/dompurify@2.4.7-tuxcare.1" } ] }