{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e84f745f-974f-5834-87f1-323755996a73", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1", "type": "library", "name": "@angular/animations", "version": "17.1.0-tuxcare.1", "purl": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:24c53ab3-e7f8-5994-8c64-a6b236192016", "id": "CVE-2017-16009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-16009 is fixed in version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:041fdee8-f3e7-5c61-a340-e256642743e6", "id": "CVE-2025-59052", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59052 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:817b0d4c-0317-5b03-b059-d68a47c646be", "id": "CVE-2025-66035", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66035 is fixed in version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf2197ff-693b-5b69-b529-def230d806da", "id": "CVE-2025-66412", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66412 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a2ba4f5-9f35-5624-aa29-77b2af51c2dc", "id": "CVE-2026-22610", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22610 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:969ee751-c42d-51ad-ba95-711e9beab163", "id": "CVE-2026-27970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27970 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:062914a0-86d8-5499-898f-83d03f07b98e", "id": "CVE-2026-32635", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32635 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbbb06ca-8fc6-5b00-9ce3-51f4a517394d", "id": "CVE-2026-41423", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41423 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40e95ebf-fb26-5558-9967-e907f3cfa659", "id": "CVE-2026-46417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46417 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff7e130f-3dfd-5c69-b167-a68e8d6315e2", "id": "CVE-2026-50168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50168 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fe1c4a8-13d9-5530-b3de-f4173e20ccb4", "id": "CVE-2026-50169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50169 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04ba1fd0-5eec-5b8a-a4dd-eab55dad74cd", "id": "CVE-2026-50170", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50170 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0be1ed6a-4fd3-575f-bf08-dd2a2b9e8b5b", "id": "CVE-2026-50171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50171 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7ba9eba-99e9-50d1-8ace-f5c188f2fc52", "id": "CVE-2026-50184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50184 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:efbf0f81-0949-501c-bc40-0345fe40a211", "id": "CVE-2026-50555", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50555 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b19f9b47-b38b-520e-a453-06814ab67481", "id": "CVE-2026-50556", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50556 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f77bc721-ee2b-5794-a8ff-ab20fec61fa9", "id": "CVE-2026-50557", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50557 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:645b5054-b7e8-52ea-a6ff-2e2f6120d690", "id": "CVE-2026-52725", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-52725 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8ff6f0f-3ef1-55f5-9a73-0702ba1c97c9", "id": "CVE-2026-54264", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54264 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04a7bba7-717a-5a38-82d2-7479848c2227", "id": "CVE-2026-54265", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-54265 does not affect version 17.1.0-tuxcare.1 of @angular/animations. not_affected \u2014 Angular v17.1.0 does not have the TwoWayProperty IR operation that is the subject of CVE-2026-54265. Two-way bindings are desugared into separate property and event bindings before template pipeline processing, with the property half using the same parsePropertyBinding() code path as one-way property bindings, which are properly sanitized." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7e54e69-066b-50ac-9243-91b0a2c358d8", "id": "CVE-2026-54266", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54266 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f9c60d1-e1dd-537a-9e0e-e80297f63924", "id": "CVE-2026-54267", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54267 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11859148-df3c-54c1-a895-58932d2ab981", "id": "CVE-2026-54268", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54268 affects version 17.1.0-tuxcare.1 of @angular/animations." }, "affects": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40angular/animations@17.1.0-tuxcare.1" } ] }