{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ba1e226a-46f2-5f9d-a5b8-5bd1d3be95b6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1", "type": "library", "name": "@angular/router", "version": "17.1.0-tuxcare.1", "purl": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5b2ce993-2f70-5955-b8b2-9808e105f169", "id": "CVE-2017-16009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-16009 is fixed in version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cec9be17-0530-5268-80d2-b3efec61b659", "id": "CVE-2025-59052", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59052 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d05d757-64ec-5b16-a23c-11b1e5ac81c7", "id": "CVE-2025-66035", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66035 is fixed in version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e44b7dfe-b6bf-5160-b11d-9cb03c26e9a9", "id": "CVE-2025-66412", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66412 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0c5e7f8-3bd9-5302-9142-17592223115a", "id": "CVE-2026-22610", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22610 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53e15466-e792-515f-948f-a499b07b9766", "id": "CVE-2026-27970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27970 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de377727-f9e3-5eb9-b141-5d84d26ffceb", "id": "CVE-2026-32635", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32635 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:194b527e-6a67-5cd8-91f2-fc1d3d884aac", "id": "CVE-2026-41423", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41423 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ffeb5aa8-7169-5a2b-981c-76addf2672e7", "id": "CVE-2026-46417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46417 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae86128e-5b0c-53ae-8940-39f70c39bb01", "id": "CVE-2026-50168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50168 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc42a643-a744-592a-9e73-befaa5e4e77c", "id": "CVE-2026-50169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50169 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ba0b05f-4ad1-5ce7-8857-7adf75c34b7f", "id": "CVE-2026-50170", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50170 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1baca2f-2182-5b93-b70e-1c5fa9e5c986", "id": "CVE-2026-50171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50171 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b24eb42e-d09e-5054-bda7-0d0543a70d48", "id": "CVE-2026-50184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50184 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13b44ffa-3cbf-514c-b752-9ec0f54d3895", "id": "CVE-2026-50555", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50555 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89675bf6-22d8-5abb-a000-26c850043d8b", "id": "CVE-2026-50556", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50556 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d6c050d-b00d-56f4-8641-ad87d3148828", "id": "CVE-2026-50557", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50557 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69dc006f-ac59-5bea-974a-849faa088087", "id": "CVE-2026-52725", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-52725 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9923e4d1-9ec4-53a7-8b55-32858b798661", "id": "CVE-2026-54264", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54264 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4fee1ce1-5bb1-565b-b3ae-5f1dd668ad71", "id": "CVE-2026-54265", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-54265 does not affect version 17.1.0-tuxcare.1 of @angular/router. not_affected \u2014 Angular v17.1.0 does not have the TwoWayProperty IR operation that is the subject of CVE-2026-54265. Two-way bindings are desugared into separate property and event bindings before template pipeline processing, with the property half using the same parsePropertyBinding() code path as one-way property bindings, which are properly sanitized." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83cb95f9-4427-51b0-9163-6b5343cee9dc", "id": "CVE-2026-54266", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54266 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16d3a4c4-8f13-571f-acc7-5e1586e5ac17", "id": "CVE-2026-54267", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54267 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e972b199-ee0c-583e-b51a-0131f8717cd2", "id": "CVE-2026-54268", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54268 affects version 17.1.0-tuxcare.1 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40angular/router@17.1.0-tuxcare.1" } ] }