{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d89e0e6d-72d2-59c9-9e02-f0aa2ab47710", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1", "type": "library", "name": "@angular/benchpress", "version": "17.1.0-tuxcare.1", "purl": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:65271d82-5c0d-5680-ad98-42bfe173d09a", "id": "CVE-2017-16009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-16009 is fixed in version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf5e232f-710c-5f10-b9f2-6fb20b3026c2", "id": "CVE-2025-59052", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59052 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86fb118c-43ce-5dda-892c-98b9b5062c40", "id": "CVE-2025-66035", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66035 is fixed in version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64e3e2d0-446b-5d24-8352-51773f849800", "id": "CVE-2025-66412", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66412 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb8734b7-8703-5124-ac37-4f9406bd2159", "id": "CVE-2026-22610", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22610 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ccba89d-401c-5cd9-8be2-6d97e5e6b20d", "id": "CVE-2026-27970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27970 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6e8abef-f403-5991-828e-3af1510a823b", "id": "CVE-2026-32635", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32635 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e083c07a-c27f-57ec-b671-b563501ebe28", "id": "CVE-2026-41423", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41423 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:228f4799-764a-5832-b3fd-f98ed05b52d7", "id": "CVE-2026-46417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46417 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae688ee0-b45a-5699-8fc2-f3b8eb28c069", "id": "CVE-2026-50168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50168 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:606cb76d-4bb0-5c4d-aa5c-824731adf156", "id": "CVE-2026-50169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50169 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:766644bb-8854-565d-8194-a8d7ec3df8f1", "id": "CVE-2026-50170", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50170 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f01a29b-5c0b-5b84-973c-89e49bf4859d", "id": "CVE-2026-50171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50171 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7dd6b8e-7006-560c-8dfd-600131ec39b0", "id": "CVE-2026-50184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50184 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd168101-2155-5d35-994a-056fde9c61be", "id": "CVE-2026-50555", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50555 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c29f8e09-c9b8-524e-8591-340d169d6e1d", "id": "CVE-2026-50556", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50556 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c51e60ea-9d36-5bae-afec-fc0c3ddb4b2e", "id": "CVE-2026-50557", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50557 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e512681-5f6d-546a-8f7d-5f2d3e1cd969", "id": "CVE-2026-52725", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-52725 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3cec6f88-e44e-5607-8e25-5b21a43a4c57", "id": "CVE-2026-54264", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54264 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dff3176b-7edb-5370-adeb-4bb68e51ce2b", "id": "CVE-2026-54265", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-54265 does not affect version 17.1.0-tuxcare.1 of @angular/benchpress. not_affected \u2014 Angular v17.1.0 does not have the TwoWayProperty IR operation that is the subject of CVE-2026-54265. Two-way bindings are desugared into separate property and event bindings before template pipeline processing, with the property half using the same parsePropertyBinding() code path as one-way property bindings, which are properly sanitized." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a000929-0664-5f23-bd33-c8fb7afe5372", "id": "CVE-2026-54266", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54266 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b6aadbc-5170-5dd6-aa6f-26f4943a7906", "id": "CVE-2026-54267", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54267 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:516f25de-d031-5379-ae67-9942a64b6a8e", "id": "CVE-2026-54268", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54268 affects version 17.1.0-tuxcare.1 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0-tuxcare.1" } ] }