{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7de9bda4-8908-58f9-b4d1-de31ff50c8ff", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1", "type": "library", "name": "@angular/elements", "version": "17.1.0-tuxcare.1", "purl": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:67f61a1e-198d-576a-b3ec-43f301510a79", "id": "CVE-2017-16009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-16009 is fixed in version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e8d6c66-895a-5162-be08-6f6365fea9a7", "id": "CVE-2025-59052", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59052 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8caa2b06-400d-5d27-a53a-5236117f8793", "id": "CVE-2025-66035", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66035 is fixed in version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d83af00-4399-54cc-bb27-3f65d6594219", "id": "CVE-2025-66412", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66412 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21973696-3ba1-50e9-adda-37a768023175", "id": "CVE-2026-22610", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22610 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e199d1de-122e-5abd-a6f0-08d8a27e9496", "id": "CVE-2026-27970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27970 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75f59912-3e52-5a76-b1ec-70d4c894af1b", "id": "CVE-2026-32635", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32635 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2afc32af-c3cd-5f20-94f4-6148ea2509fc", "id": "CVE-2026-41423", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41423 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c21bd045-b458-5827-ad06-c5d31fe00799", "id": "CVE-2026-46417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46417 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45ac1027-1e2a-5f04-a34d-fdab0c60f490", "id": "CVE-2026-50168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50168 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aaf055df-d07d-5824-b507-ba162707abb7", "id": "CVE-2026-50169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50169 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ae710da-0b24-56f6-9549-c775b74df556", "id": "CVE-2026-50170", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50170 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:232c808e-6a0e-5e66-a024-17f9915c3e07", "id": "CVE-2026-50171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50171 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:296ebd0a-d06d-574e-8b3c-7173a9fe516f", "id": "CVE-2026-50184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50184 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d6509aa-2f59-5547-bdf8-a39f2871e4b1", "id": "CVE-2026-50555", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50555 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3125efad-7d1b-5fee-8d10-6e67fc987a89", "id": "CVE-2026-50556", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50556 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65091e8d-34fd-5e0c-b754-75e420b00f6b", "id": "CVE-2026-50557", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50557 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c9d3115-0d6e-5ada-94c0-352b3633acb3", "id": "CVE-2026-52725", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-52725 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44f16729-5c98-5da7-855d-599e5640f0cc", "id": "CVE-2026-54264", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54264 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce3d1f9a-ae65-53d1-b89c-c2f0d8536c5a", "id": "CVE-2026-54265", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-54265 does not affect version 17.1.0-tuxcare.1 of @angular/elements. not_affected \u2014 Angular v17.1.0 does not have the TwoWayProperty IR operation that is the subject of CVE-2026-54265. Two-way bindings are desugared into separate property and event bindings before template pipeline processing, with the property half using the same parsePropertyBinding() code path as one-way property bindings, which are properly sanitized." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33de2ec0-1fab-5c3d-909f-c680f5d0f383", "id": "CVE-2026-54266", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54266 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef44a079-e59f-5d81-8d87-46308d91d825", "id": "CVE-2026-54267", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54267 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:492dcf9b-29ea-5c48-bbc1-169208d7e3fc", "id": "CVE-2026-54268", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54268 affects version 17.1.0-tuxcare.1 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40angular/elements@17.1.0-tuxcare.1" } ] }