{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:88a59f34-8ae0-55f2-9293-8059630f3fc9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40angular/benchpress@17.1.0", "type": "library", "name": "@angular/benchpress", "version": "17.1.0", "purl": "pkg:npm/%40angular/benchpress@17.1.0" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a4758a6b-bc65-5384-9566-c7cce21cdd60", "id": "CVE-2025-59052", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59052 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:996a5f87-eba0-5e13-9fe7-d9a2d4a6d91a", "id": "CVE-2025-66412", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66412 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:5efdfd46-5923-5b8c-ab4e-c38d5e47c9f7", "id": "CVE-2026-22610", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22610 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:31aba6bc-2460-5fbe-92ac-26d76eb1c30d", "id": "CVE-2026-27970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27970 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:14c7d809-de82-5b9a-94b3-f6a1d16aef41", "id": "CVE-2026-32635", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32635 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:d2aa1ef5-5747-5530-a3f7-ed7bc9a74813", "id": "CVE-2026-41423", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41423 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:07a09b36-103a-5d1a-9d5a-7de6695a6293", "id": "CVE-2026-46417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46417 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:1cfc4b62-adba-5717-a0de-163c095cc98d", "id": "CVE-2026-50168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50168 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:bb697566-c1cc-515b-9b3a-02ef6da4e985", "id": "CVE-2026-50169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50169 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:64c18c39-df78-5244-9624-44dc8e393784", "id": "CVE-2026-50170", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50170 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:29ae6a81-27ab-555f-aa8b-5bfaf3b39ffa", "id": "CVE-2026-50171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50171 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:40a5d773-2b84-5d99-9310-3db2a82af8c5", "id": "CVE-2026-50184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50184 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:f5f8aeca-b956-531d-b0c3-78f94ec5608e", "id": "CVE-2026-50555", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50555 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:47170794-1187-5bc0-bf06-4d9fa27ec06a", "id": "CVE-2026-50556", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50556 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:ef972a97-a3c7-5f35-9f14-9ba306edb69d", "id": "CVE-2026-50557", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50557 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:0843e589-b51e-5d8c-b762-1cc0fe39fb97", "id": "CVE-2026-52725", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-52725 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:b6fe5121-a1be-58cf-803b-0ba040368549", "id": "CVE-2026-54264", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54264 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:c4d3ced5-3806-5754-93f6-c323d8541960", "id": "CVE-2026-54265", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-54265 does not affect version 17.1.0 of @angular/benchpress. not_affected \u2014 Angular v17.1.0 does not have the TwoWayProperty IR operation that is the subject of CVE-2026-54265. Two-way bindings are desugared into separate property and event bindings before template pipeline processing, with the property half using the same parsePropertyBinding() code path as one-way property bindings, which are properly sanitized." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:7a98fd64-d195-51fb-91af-52ffca66db64", "id": "CVE-2026-54266", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54266 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:67cd7055-1f92-59c9-aa75-a42509b4812c", "id": "CVE-2026-54267", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54267 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }, { "bom-ref": "urn:uuid:ace5ed64-4361-5e59-9508-b045ace7d2b7", "id": "CVE-2026-54268", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54268 affects version 17.1.0 of @angular/benchpress." }, "affects": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40angular/benchpress@17.1.0" } ] }