{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d70e51f5-fa5d-5a04-bfc2-c57658ef7b33", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1", "type": "library", "name": "@angular/bazel", "version": "17.1.0-tuxcare.1", "purl": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:22776542-9c51-5c27-a511-cb07a74c5752", "id": "CVE-2017-16009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-16009 is fixed in version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df37fdcb-f13b-5106-8cbd-addacd428875", "id": "CVE-2025-59052", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59052 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78be816d-ef95-5a97-859b-7e5fae005b24", "id": "CVE-2025-66035", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66035 is fixed in version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6cb370d-7506-59e8-b328-f862728befe4", "id": "CVE-2025-66412", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66412 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9dae1399-f4fd-5244-80ca-947922b76590", "id": "CVE-2026-22610", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22610 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91d2c272-c17a-584a-8577-f39074cec6c1", "id": "CVE-2026-27970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27970 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d030d91e-c707-5458-b1af-7ca2ec85b4b0", "id": "CVE-2026-32635", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32635 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d222045d-ca21-55e9-83d1-c86ce71f0c24", "id": "CVE-2026-41423", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41423 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a2b400f-f595-5f6e-9f4b-30a7b17fb827", "id": "CVE-2026-46417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46417 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98eea847-9fbd-5ae8-803d-e0a5a5a07285", "id": "CVE-2026-50168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50168 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec4cf07b-054e-5bdb-8319-09f5a2e08780", "id": "CVE-2026-50169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50169 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28501e96-1fb5-5580-a5b8-e83073c68c2d", "id": "CVE-2026-50170", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50170 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab56fe2e-32c3-513d-b6a8-d1faba696011", "id": "CVE-2026-50171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50171 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:09f72395-f4ec-5eb9-aea8-7bad84661bb3", "id": "CVE-2026-50184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50184 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6a7b7e0-086d-56a1-99b0-caf87cc8c510", "id": "CVE-2026-50555", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50555 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:207898ef-8993-59df-a189-67bbec7cafaa", "id": "CVE-2026-50556", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50556 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7328a1be-83ea-5d05-b732-54229f0d2814", "id": "CVE-2026-50557", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50557 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1cb8c4c-4df6-5fcd-a45f-ba5e36fba8c9", "id": "CVE-2026-52725", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-52725 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5aa1130-7184-5b9c-8434-d28e02c78337", "id": "CVE-2026-54264", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54264 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53b9dfee-8706-5b95-8edc-cd8d463b85dd", "id": "CVE-2026-54265", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-54265 does not affect version 17.1.0-tuxcare.1 of @angular/bazel. not_affected \u2014 Angular v17.1.0 does not have the TwoWayProperty IR operation that is the subject of CVE-2026-54265. Two-way bindings are desugared into separate property and event bindings before template pipeline processing, with the property half using the same parsePropertyBinding() code path as one-way property bindings, which are properly sanitized." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2907f7a5-e6f4-56c8-abe8-0135f845911c", "id": "CVE-2026-54266", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54266 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a12f1444-506c-5d17-93d5-ef375b6d0884", "id": "CVE-2026-54267", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54267 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0fa9ada-c304-5d85-a08e-846c0480bbe7", "id": "CVE-2026-54268", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54268 affects version 17.1.0-tuxcare.1 of @angular/bazel." }, "affects": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40angular/bazel@17.1.0-tuxcare.1" } ] }