{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2ab770f7-6974-57a8-9542-56294f44be37", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1", "type": "library", "name": "@angular/common", "version": "17.1.0-tuxcare.1", "purl": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:aacdc81d-0ed0-5512-8d0b-19e826698dcc", "id": "CVE-2017-16009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-16009 is fixed in version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5afe4ffb-e8f5-5405-ab51-2f9908166d6b", "id": "CVE-2025-59052", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59052 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7871c648-c85f-5cc6-91da-e466759751b5", "id": "CVE-2025-66035", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66035 is fixed in version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:905085e5-208d-5604-aac8-5125106419f3", "id": "CVE-2025-66412", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66412 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05ba30e8-75ac-516b-84d6-664b113998f0", "id": "CVE-2026-22610", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22610 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50e12ca2-f787-53eb-8f34-1f7ef6f38e9d", "id": "CVE-2026-27970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27970 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9717606e-7619-568b-8523-b9bcd362a595", "id": "CVE-2026-32635", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32635 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f53f4e97-4371-5549-8127-ae983d13b159", "id": "CVE-2026-41423", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41423 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2fafbe0-e0e8-5fde-9477-15aada1caafb", "id": "CVE-2026-46417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46417 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd5eb826-f47d-5821-b644-be0f5e1a45fe", "id": "CVE-2026-50168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50168 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d3f6f43-b4f2-5c7a-99b8-5bcaca6be758", "id": "CVE-2026-50169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50169 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:858a5f15-0300-5e83-a393-c6f56eeed2e8", "id": "CVE-2026-50170", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50170 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa31e87a-df9a-50ea-8be2-20864aa307dc", "id": "CVE-2026-50171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50171 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88fd69ad-39bb-5865-bb83-6ac7c368782d", "id": "CVE-2026-50184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50184 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c87c6696-1232-57d7-b5b8-49c07c91fad0", "id": "CVE-2026-50555", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50555 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9869243d-a9e6-5634-9eb8-c6e0c9f54236", "id": "CVE-2026-50556", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50556 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aef06c0a-ce5f-5599-a234-1fb99f4348f6", "id": "CVE-2026-50557", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50557 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97f148ca-68d4-52b8-a93d-2145ce7928bb", "id": "CVE-2026-52725", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-52725 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fad30f3-07cc-5369-9c24-65e46a8c5216", "id": "CVE-2026-54264", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54264 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b19d4f35-aead-5c01-952c-6ddc59c86698", "id": "CVE-2026-54265", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-54265 does not affect version 17.1.0-tuxcare.1 of @angular/common. not_affected \u2014 Angular v17.1.0 does not have the TwoWayProperty IR operation that is the subject of CVE-2026-54265. Two-way bindings are desugared into separate property and event bindings before template pipeline processing, with the property half using the same parsePropertyBinding() code path as one-way property bindings, which are properly sanitized." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a70a34c-4483-58e0-9991-6136b6ff3ec6", "id": "CVE-2026-54266", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54266 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f1d2e5e-f81f-5f3b-b66d-08a8b3a38e41", "id": "CVE-2026-54267", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54267 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd7141d6-187f-5899-890b-818b0d30c9a2", "id": "CVE-2026-54268", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54268 affects version 17.1.0-tuxcare.1 of @angular/common." }, "affects": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40angular/common@17.1.0-tuxcare.1" } ] }