{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:01a2f39b-6c90-592d-a77a-ed7547a3f8be", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/loopback@2.42.0-tuxcare.1", "type": "library", "name": "loopback", "version": "2.42.0-tuxcare.1", "purl": "pkg:npm/loopback@2.42.0-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0aa341d9-e609-533a-b022-8755be31530a", "id": "CVE-2020-7769", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7769 affects version 2.42.0-tuxcare.1 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf22b629-f578-5c9f-b4f7-b32801c93c18", "id": "CVE-2021-23358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23358 affects version 2.42.0-tuxcare.1 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f31d37c-22c7-5204-9d71-07663adaa356", "id": "CVE-2021-23400", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23400 affects version 2.42.0-tuxcare.1 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df9e5912-ce88-5b01-8c7d-c7d666143abe", "id": "CVE-2022-29078", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29078 affects version 2.42.0-tuxcare.1 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e179e3c-a93a-5a31-aa8e-cc0acbdf735e", "id": "CVE-2024-29415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29415 affects version 2.42.0-tuxcare.1 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3365cf68-8dca-5388-b28d-d331e0259f10", "id": "CVE-2024-33883", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-33883 affects version 2.42.0-tuxcare.1 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20223d3b-2f38-5c29-ab78-8b3c90a78ec1", "id": "CVE-2025-13033", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-13033 affects version 2.42.0-tuxcare.1 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c436a2b-b631-53a5-b35a-78cb122378ad", "id": "CVE-2025-14874", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-14874 affects version 2.42.0-tuxcare.1 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d93199a3-d064-533a-b7b8-3f13800261f3", "id": "CVE-2026-27601", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27601 affects version 2.42.0-tuxcare.1 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f4781e3-82d6-5dfc-83a0-1f2932bdf75b", "id": "GHSA-724c-6vrf-99rq", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-724c-6vrf-99rq affects version 2.42.0-tuxcare.1 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28bce780-e991-5c2b-9769-e464bc5fb42d", "id": "GHSA-8wgc-jjvv-cv6v", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-8wgc-jjvv-cv6v affects version 2.42.0-tuxcare.1 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed7e4293-d72e-50b7-9e3c-dc4d427c2a1c", "id": "GHSA-9h6g-pr28-7cqp", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-9h6g-pr28-7cqp affects version 2.42.0-tuxcare.1 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:075c8e28-da31-576a-a755-edb0caf9db9a", "id": "GHSA-c7w3-x93f-qmm8", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-c7w3-x93f-qmm8 affects version 2.42.0-tuxcare.1 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:069a8849-71bb-5bda-8258-93c60c404c90", "id": "GHSA-jj37-3377-m6vv", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-jj37-3377-m6vv is a false positive for loopback 2.42.0-tuxcare.1." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71bd003e-4c5b-5fc2-8c10-00f7fec2a011", "id": "GHSA-mm7p-fcc7-pg87", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-mm7p-fcc7-pg87 affects version 2.42.0-tuxcare.1 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b239d024-4aa7-540a-833b-b15775f61639", "id": "GHSA-vvjj-xcjg-gr5g", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-vvjj-xcjg-gr5g affects version 2.42.0-tuxcare.1 of loopback." }, "affects": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/loopback@2.42.0-tuxcare.1" } ] }