{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:577b71d3-1338-550f-a94f-a384dc583c15", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40angular/elements@17.1.0", "type": "library", "name": "@angular/elements", "version": "17.1.0", "purl": "pkg:npm/%40angular/elements@17.1.0" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1dea7a1a-a9fb-5593-b2f1-db1740a34bb9", "id": "CVE-2025-59052", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59052 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:59e0cdb9-9deb-5a21-b5f4-d69b86ec5d9a", "id": "CVE-2025-66412", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66412 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:65acc98d-0a32-5dbc-8163-ea8f5747c566", "id": "CVE-2026-22610", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22610 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:2bda36db-f121-554d-b7fc-d3687ebdd3fb", "id": "CVE-2026-27970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27970 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:be36b1b1-b320-5c60-88f8-cbb5ec34e302", "id": "CVE-2026-32635", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32635 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:4a8e8484-fcbe-53ae-b595-cd0df13d0747", "id": "CVE-2026-41423", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41423 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:9801272e-980d-5974-89ed-cbf0c5c4f828", "id": "CVE-2026-46417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46417 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:19de0d00-3f84-5e1b-a391-bfb658d30d2e", "id": "CVE-2026-50168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50168 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:13e56a1d-857e-53d1-b167-df5e8cacf504", "id": "CVE-2026-50169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50169 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:ff445ac2-e7df-5e18-b9e8-b7c558694cfd", "id": "CVE-2026-50170", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50170 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:3ce78d5f-69f1-521c-bf55-a0b827deb632", "id": "CVE-2026-50171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50171 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:e9e5b769-4307-5085-87ab-a4efc318d2e6", "id": "CVE-2026-50184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50184 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:00051aa3-a1f9-55d0-8a0b-d4d34a5ab005", "id": "CVE-2026-50555", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50555 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:dc92fb0d-7b9b-585e-94e1-48de587b6f53", "id": "CVE-2026-50556", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50556 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:b2393c97-260e-5a34-9515-dab424eedb9c", "id": "CVE-2026-50557", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50557 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:d314cafa-6df7-5c58-a3b0-bb6e63170972", "id": "CVE-2026-52725", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-52725 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:342d0add-9aee-5c6c-a7e8-e9e83248515f", "id": "CVE-2026-54264", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54264 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:b420a30c-cd35-5dfc-a8b1-7dc049c8c658", "id": "CVE-2026-54265", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-54265 does not affect version 17.1.0 of @angular/elements. not_affected \u2014 Angular v17.1.0 does not have the TwoWayProperty IR operation that is the subject of CVE-2026-54265. Two-way bindings are desugared into separate property and event bindings before template pipeline processing, with the property half using the same parsePropertyBinding() code path as one-way property bindings, which are properly sanitized." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:c6f3306f-20d1-5770-836b-6d38622261cb", "id": "CVE-2026-54266", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54266 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:a64e6cda-6644-5638-9f1b-d3cf5c2526de", "id": "CVE-2026-54267", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54267 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }, { "bom-ref": "urn:uuid:04ae2374-1b87-555c-8cd4-3eaf2d982f47", "id": "CVE-2026-54268", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54268 affects version 17.1.0 of @angular/elements." }, "affects": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40angular/elements@17.1.0" } ] }