{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eb174ec7-7d2d-5d3d-9db2-f14bd58e9838", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40angular/compiler-cli@17.1.0", "type": "library", "name": "@angular/compiler-cli", "version": "17.1.0", "purl": "pkg:npm/%40angular/compiler-cli@17.1.0" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0289d4a2-2b2d-57e9-b02a-ad6268b4d39c", "id": "CVE-2025-59052", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59052 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:c0bc3945-1ad1-5696-a2dc-fce56c5a0fa8", "id": "CVE-2025-66412", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66412 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:01ebc336-12df-56cb-afa6-3fb4a36f4ff2", "id": "CVE-2026-22610", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22610 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:e568e427-a698-541d-98a8-a2ebdb05fb11", "id": "CVE-2026-27970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27970 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:0e76c29a-bdb4-5d71-ba43-cabf0088ceae", "id": "CVE-2026-32635", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32635 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:f8aa1339-6e32-52f9-b012-703c7c4a2f70", "id": "CVE-2026-41423", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41423 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:8d8f98ff-8843-597b-b995-f30cb1c89ac5", "id": "CVE-2026-46417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46417 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:4d059726-4658-51c4-8010-ff18b89dbfad", "id": "CVE-2026-50168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50168 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:1c00e4c7-24f8-58de-8f68-8ad85ed67126", "id": "CVE-2026-50169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50169 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:7277e7fb-5047-56da-8f26-48d7aff80693", "id": "CVE-2026-50170", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50170 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:5398450f-047a-5fcf-8938-4076961293f5", "id": "CVE-2026-50171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50171 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:1cd5b321-2775-5f12-a422-43af4bd65306", "id": "CVE-2026-50184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50184 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:c382d454-8f04-51aa-98ed-948d479b92e3", "id": "CVE-2026-50555", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50555 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:473c48cc-85bf-5741-99fc-b15745258637", "id": "CVE-2026-50556", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50556 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:00eb9ea9-49f1-5fef-93d4-7acb976125e3", "id": "CVE-2026-50557", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50557 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:f91c5c1a-a00e-5004-aa58-eb1248ef6cd5", "id": "CVE-2026-52725", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-52725 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:cee7a508-d679-5ff5-a919-6ee4ee369e38", "id": "CVE-2026-54264", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54264 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:8686f7e8-01f1-5880-a0cf-11c1158caa29", "id": "CVE-2026-54265", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-54265 does not affect version 17.1.0 of @angular/compiler-cli. not_affected \u2014 Angular v17.1.0 does not have the TwoWayProperty IR operation that is the subject of CVE-2026-54265. Two-way bindings are desugared into separate property and event bindings before template pipeline processing, with the property half using the same parsePropertyBinding() code path as one-way property bindings, which are properly sanitized." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:27eca859-9e80-5c1d-8708-eb4d4719b604", "id": "CVE-2026-54266", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54266 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:653b54de-0f55-5568-966a-3766454035f3", "id": "CVE-2026-54267", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54267 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }, { "bom-ref": "urn:uuid:810f42bc-9414-50b9-aab1-f6d2be8c603c", "id": "CVE-2026-54268", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54268 affects version 17.1.0 of @angular/compiler-cli." }, "affects": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40angular/compiler-cli@17.1.0" } ] }