{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3123bf62-5131-59a3-97ea-bc972ae8d0fc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1", "type": "library", "name": "@angular/compiler-cli", "version": "17.1.0-tuxcare.1", "purl": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:76b6bbb7-1c5b-57f4-b993-7e0a336cc124", "id": "CVE-2017-16009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-16009 is fixed in version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15d88d29-7bd3-5ae4-bde5-6a969e60838c", "id": "CVE-2025-59052", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59052 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f94699d-989e-5994-be20-5aa77c4b37aa", "id": "CVE-2025-66035", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66035 is fixed in version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64f2ca34-bc4d-5406-a508-7a6c5f31eb8b", "id": "CVE-2025-66412", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66412 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:931092d7-da88-51f8-9127-f88cdc627346", "id": "CVE-2026-22610", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22610 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70d49cb2-40fb-58b6-8391-4810930cd63e", "id": "CVE-2026-27970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27970 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7acecee-7732-56b4-a11a-1192491709b0", "id": "CVE-2026-32635", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32635 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:868845ff-5231-59f7-ba2a-8dd38a051079", "id": "CVE-2026-41423", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41423 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e9f1dfb-92ae-54ff-840c-b5884a27a877", "id": "CVE-2026-46417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46417 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ecbfdc4-b6c4-57af-848b-1be0bda6d869", "id": "CVE-2026-50168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50168 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8eac86d4-30fd-5119-9959-13e5260b14db", "id": "CVE-2026-50169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50169 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6abe3f5f-82ec-5a72-8b12-97fc9bbcab55", "id": "CVE-2026-50170", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50170 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13ecab91-25d4-5d37-a393-e2d8fdbaf459", "id": "CVE-2026-50171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50171 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9457ff4a-92b7-5d5e-926b-f1d192538e97", "id": "CVE-2026-50184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50184 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9f8ff76-3844-5e15-934b-f6b251ece226", "id": "CVE-2026-50555", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50555 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d328fb1-44f2-5efc-95eb-b38795f85687", "id": "CVE-2026-50556", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50556 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb1bc793-c5da-50e1-94c3-b3ebce4df3b0", "id": "CVE-2026-50557", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50557 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97a77388-e680-5e1d-ada1-2d71f1a440ae", "id": "CVE-2026-52725", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-52725 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08d7a76f-081b-5683-82e6-f00aec7ca261", "id": "CVE-2026-54264", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54264 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59299948-14ac-5375-b1d3-4106b48d265b", "id": "CVE-2026-54265", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-54265 does not affect version 17.1.0-tuxcare.1 of @angular/compiler-cli. not_affected \u2014 Angular v17.1.0 does not have the TwoWayProperty IR operation that is the subject of CVE-2026-54265. Two-way bindings are desugared into separate property and event bindings before template pipeline processing, with the property half using the same parsePropertyBinding() code path as one-way property bindings, which are properly sanitized." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f04fbeb2-20cc-558f-b1af-a05bb8c2192d", "id": "CVE-2026-54266", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54266 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:187ce038-0a78-53ba-8319-f6252cd52039", "id": "CVE-2026-54267", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54267 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:615687fa-c72f-58f0-8a96-fa3cc17e253c", "id": "CVE-2026-54268", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54268 affects version 17.1.0-tuxcare.1 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0-tuxcare.1" } ] }