{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e1827162-7fee-5b86-8d03-c0c52e4a1ac3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/node-forge@0.10.0-tuxcare.2", "type": "library", "name": "node-forge", "version": "0.10.0-tuxcare.2", "purl": "pkg:npm/node-forge@0.10.0-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:750dc092-f827-566c-aa45-0f06ce8d26a7", "id": "CVE-2022-0122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0122 affects version 0.10.0-tuxcare.2 of node-forge." }, "affects": [ { "ref": "pkg:npm/node-forge@0.10.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af9de595-f80d-5feb-8e08-d5350a71b0a6", "id": "CVE-2022-24771", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24771 is fixed in version 0.10.0-tuxcare.2 of node-forge." }, "affects": [ { "ref": "pkg:npm/node-forge@0.10.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2ea416a-331b-5990-aedd-1c8bbb25b405", "id": "CVE-2022-24772", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24772 is fixed in version 0.10.0-tuxcare.2 of node-forge." }, "affects": [ { "ref": "pkg:npm/node-forge@0.10.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f2df2bd-ad22-53e5-b1a6-abdcf5f17cd7", "id": "CVE-2022-24773", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24773 affects version 0.10.0-tuxcare.2 of node-forge." }, "affects": [ { "ref": "pkg:npm/node-forge@0.10.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20041c46-fe72-509a-ab4a-fba1ce2a86bf", "id": "CVE-2025-12816", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-12816 affects version 0.10.0-tuxcare.2 of node-forge." }, "affects": [ { "ref": "pkg:npm/node-forge@0.10.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c25241df-d6c9-5b0b-8f64-e04f4228f8ba", "id": "CVE-2025-66030", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66030 affects version 0.10.0-tuxcare.2 of node-forge." }, "affects": [ { "ref": "pkg:npm/node-forge@0.10.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57b0254f-2001-55b3-9a03-6603977f74e0", "id": "CVE-2025-66031", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66031 affects version 0.10.0-tuxcare.2 of node-forge." }, "affects": [ { "ref": "pkg:npm/node-forge@0.10.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a07f0a1-7921-516b-a6ac-f65f53a22bae", "id": "CVE-2026-33891", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33891 affects version 0.10.0-tuxcare.2 of node-forge." }, "affects": [ { "ref": "pkg:npm/node-forge@0.10.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a4739e6-3303-5961-a830-9b555b725ce9", "id": "CVE-2026-33894", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33894 affects version 0.10.0-tuxcare.2 of node-forge." }, "affects": [ { "ref": "pkg:npm/node-forge@0.10.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:252dd978-1c65-50b3-baa9-24a8663ac35b", "id": "CVE-2026-33895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33895 affects version 0.10.0-tuxcare.2 of node-forge." }, "affects": [ { "ref": "pkg:npm/node-forge@0.10.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1843bde4-26e4-5304-8f74-c84b689aaff4", "id": "CVE-2026-33896", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33896 affects version 0.10.0-tuxcare.2 of node-forge." }, "affects": [ { "ref": "pkg:npm/node-forge@0.10.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e35b1778-9e6b-56ed-bb7a-97489f8e8e7a", "id": "GHSA-5rrq-pxf6-6jx5", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-5rrq-pxf6-6jx5 affects version 0.10.0-tuxcare.2 of node-forge." }, "affects": [ { "ref": "pkg:npm/node-forge@0.10.0-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/node-forge@0.10.0-tuxcare.2" } ] }