{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fd42159e-40b2-5a87-9ae2-6f8bc0559f9e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/tar@1.0.3-tuxcare.1", "type": "library", "name": "tar", "version": "1.0.3-tuxcare.1", "purl": "pkg:npm/tar@1.0.3-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8f331ef5-66bc-557f-b537-5d4ea4f12ef0", "id": "CVE-2015-8860", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-8860 is fixed in version 1.0.3-tuxcare.1 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a211cbd-14f2-59ed-bae9-a996b5e80c5c", "id": "CVE-2018-20834", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-20834 is fixed in version 1.0.3-tuxcare.1 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d61d0d2b-0e82-5cb9-98c9-84f0838b1c19", "id": "CVE-2021-32804", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-32804 is fixed in version 1.0.3-tuxcare.1 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ffe0f16-910a-5506-914b-d24aedb23b92", "id": "CVE-2021-37713", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37713 is fixed in version 1.0.3-tuxcare.1 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3351ea9d-9a08-5778-b24f-b721d39d20c8", "id": "CVE-2024-28863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-28863 is fixed in version 1.0.3-tuxcare.1 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03482879-057a-594f-b89d-72ac2386a9bb", "id": "CVE-2026-23745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23745 affects version 1.0.3-tuxcare.1 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f697254-c8a3-5ea7-a6e7-17a866f91646", "id": "CVE-2026-23950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23950 affects version 1.0.3-tuxcare.1 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64296472-674a-5d23-9e5c-fd501096433e", "id": "CVE-2026-24842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24842 affects version 1.0.3-tuxcare.1 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:077f1a4a-f9f3-5761-808c-cfbcc995df0a", "id": "CVE-2026-26960", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-26960 affects version 1.0.3-tuxcare.1 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e271fe57-5cb1-5353-ae55-68963db596fa", "id": "CVE-2026-29786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29786 affects version 1.0.3-tuxcare.1 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29b4727d-9254-54a4-bd3c-5f627046e450", "id": "CVE-2026-31802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-31802 affects version 1.0.3-tuxcare.1 of tar." }, "affects": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/tar@1.0.3-tuxcare.1" } ] }