{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:79346cb8-4af2-5fd9-b2e0-da6fb948f75a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1", "type": "library", "name": "@angular/localize", "version": "17.1.0-tuxcare.1", "purl": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fba654a4-d7af-5b12-82bc-c5286dcc2e70", "id": "CVE-2017-16009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-16009 is fixed in version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5cd31bc7-37a9-5fc6-840b-da9ad061f757", "id": "CVE-2025-59052", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59052 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0bd93005-8d71-51ed-8cf0-179c3035b71f", "id": "CVE-2025-66035", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66035 is fixed in version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ec9ea3d-d2b0-531c-aff3-21f4026de187", "id": "CVE-2025-66412", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66412 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b4b5610-4cba-5b2f-9872-545b84eddf26", "id": "CVE-2026-22610", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22610 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb27fa3f-928e-5dda-ad43-a6e33a305623", "id": "CVE-2026-27970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27970 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2b18b10-ff5f-5463-9965-e7e2789fff1e", "id": "CVE-2026-32635", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32635 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b048cc19-493a-50f5-8b03-2139152e733a", "id": "CVE-2026-41423", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41423 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06cc564f-a00e-51e8-964f-970ffc3b3c35", "id": "CVE-2026-46417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46417 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ccb634c0-af44-5162-ada4-4ec7d9854955", "id": "CVE-2026-50168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50168 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f5829e6-b66e-5eee-b72e-3bf95709acd5", "id": "CVE-2026-50169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50169 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f29fd81c-4871-503a-a2e6-30606cc93ad3", "id": "CVE-2026-50170", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50170 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26e143d6-3451-5266-a53e-e9a6083659a6", "id": "CVE-2026-50171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50171 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2450ca1f-5d4d-578a-816a-1ca84b2b4c00", "id": "CVE-2026-50184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50184 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74f3af69-55e4-5598-b236-c334d17b8811", "id": "CVE-2026-50555", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50555 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b5e28f0-d81b-5f79-8eac-d43714bbfbd1", "id": "CVE-2026-50556", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50556 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3aa3401d-a74c-5138-88aa-6975b9a896f4", "id": "CVE-2026-50557", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50557 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2b0c495-be20-5db1-974d-c18623476d34", "id": "CVE-2026-52725", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-52725 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0ac0373-a517-5c13-91e6-ff496f6a24bc", "id": "CVE-2026-54264", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54264 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6354acb4-7ce3-5827-9f33-356166af134e", "id": "CVE-2026-54265", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-54265 does not affect version 17.1.0-tuxcare.1 of @angular/localize. not_affected \u2014 Angular v17.1.0 does not have the TwoWayProperty IR operation that is the subject of CVE-2026-54265. Two-way bindings are desugared into separate property and event bindings before template pipeline processing, with the property half using the same parsePropertyBinding() code path as one-way property bindings, which are properly sanitized." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:187c5a64-fc33-5c0b-9a5d-d1a90c1990bd", "id": "CVE-2026-54266", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54266 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cbd2b9c3-6633-5953-a05f-b394e627c8cf", "id": "CVE-2026-54267", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54267 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74a2a06f-e591-5791-a6f7-c86116b3040d", "id": "CVE-2026-54268", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54268 affects version 17.1.0-tuxcare.1 of @angular/localize." }, "affects": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40angular/localize@17.1.0-tuxcare.1" } ] }