{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fdfcbfaa-1e33-5057-aba9-72193e7623b4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1", "type": "library", "name": "@angular/forms", "version": "17.1.0-tuxcare.1", "purl": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f49c8821-1d56-5fc2-8d56-6c4acb40946b", "id": "CVE-2017-16009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-16009 is fixed in version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d82396d0-0105-5bd0-ab88-dbb421948005", "id": "CVE-2025-59052", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59052 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:263d009f-3241-5d6c-aafc-74aa43887bea", "id": "CVE-2025-66035", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66035 is fixed in version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6bf08da-7842-50e4-ab11-074beada24d7", "id": "CVE-2025-66412", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66412 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd6a746b-4db2-5cfa-9871-1ca064c3f4c6", "id": "CVE-2026-22610", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22610 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bffb877d-015b-5c80-8dc0-858914ba3993", "id": "CVE-2026-27970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27970 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91bc66ca-9309-52c4-9803-414f9d2013e8", "id": "CVE-2026-32635", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32635 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1192d2b-e1f6-592a-b2cd-02adf04d112f", "id": "CVE-2026-41423", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41423 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9f78331-f62c-5087-999d-d5c5b3eb32b2", "id": "CVE-2026-46417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46417 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3beb5b3-b931-59f5-9305-c624c9498f7c", "id": "CVE-2026-50168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50168 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cbe0960c-5722-5ac4-bbf4-7173410307e5", "id": "CVE-2026-50169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50169 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18d9f6fa-18de-5f9e-b708-9365c795e207", "id": "CVE-2026-50170", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50170 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:984014ac-9f2c-55ce-b7a3-30ed211349a4", "id": "CVE-2026-50171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50171 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a6cb15f-975e-5b6b-9074-92d3348d0721", "id": "CVE-2026-50184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50184 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5cc23174-66a0-5ad2-9cb7-52e546f15243", "id": "CVE-2026-50555", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50555 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c27a237d-a900-5673-b98f-873bbe39ce59", "id": "CVE-2026-50556", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50556 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2ee1c78-9342-54e9-8262-b5f0e36cb1e5", "id": "CVE-2026-50557", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50557 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40901bde-0c0a-5ef0-ae27-9bfaf9e53238", "id": "CVE-2026-52725", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-52725 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60750f87-f068-5b13-b5e0-5dec5c91393c", "id": "CVE-2026-54264", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54264 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:555a0e39-b3b3-522a-9287-0082d0994d0c", "id": "CVE-2026-54265", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-54265 does not affect version 17.1.0-tuxcare.1 of @angular/forms. not_affected \u2014 Angular v17.1.0 does not have the TwoWayProperty IR operation that is the subject of CVE-2026-54265. Two-way bindings are desugared into separate property and event bindings before template pipeline processing, with the property half using the same parsePropertyBinding() code path as one-way property bindings, which are properly sanitized." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1dc5823-d9fc-52d3-ba40-bbc535ee1e7e", "id": "CVE-2026-54266", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54266 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb4a11d6-0c29-5849-b432-78bbcb443622", "id": "CVE-2026-54267", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54267 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:767882a2-bdf6-5f55-a23d-a3d1ab4dc89c", "id": "CVE-2026-54268", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54268 affects version 17.1.0-tuxcare.1 of @angular/forms." }, "affects": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40angular/forms@17.1.0-tuxcare.1" } ] }