{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:df952c57-050c-5565-97af-0f8ce71fd1c5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40angular/router@17.1.0", "type": "library", "name": "@angular/router", "version": "17.1.0", "purl": "pkg:npm/%40angular/router@17.1.0" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c2a1b71d-2fe2-5e84-8282-9904b8ccad3c", "id": "CVE-2025-59052", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59052 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:b7787d31-0a59-5313-96f0-cfd3dfc4c33e", "id": "CVE-2025-66412", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-66412 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:8594711f-415a-584e-a366-fe32b808aaae", "id": "CVE-2026-22610", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22610 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:afc2b070-0e49-54a3-bf68-aa0353a93ed8", "id": "CVE-2026-27970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27970 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:7ac00b2e-f8d6-5705-af45-14d6c6ae581a", "id": "CVE-2026-32635", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32635 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:314d6177-afdb-5130-9f8e-c3d7e1d60e0a", "id": "CVE-2026-41423", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41423 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:54815899-dac5-5396-865c-fff0cd2fe0d7", "id": "CVE-2026-46417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46417 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:8128266a-976e-5058-aab0-309657a55832", "id": "CVE-2026-50168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50168 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:cf9a480d-b105-555b-81ea-2bfb5a412af9", "id": "CVE-2026-50169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50169 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:1d72121c-7806-5d87-b8c5-d5a05bd9b4a9", "id": "CVE-2026-50170", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50170 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:b0545b9f-b90f-5a46-b327-5b15b863d914", "id": "CVE-2026-50171", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50171 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:ec582c07-1070-5058-bf67-a97344a00ef4", "id": "CVE-2026-50184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50184 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:194fa705-9db9-56c2-9951-9288d6f45416", "id": "CVE-2026-50555", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50555 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:9c888940-3046-5d2e-968f-9431c8266ba9", "id": "CVE-2026-50556", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50556 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:55b98a5c-4563-5fa7-8b17-3c2e8e2d0ffd", "id": "CVE-2026-50557", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-50557 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:d8d7959e-d9d8-5660-a450-1703d0f9d218", "id": "CVE-2026-52725", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-52725 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:0d51c1e2-7260-550c-9e09-62a70b7656b9", "id": "CVE-2026-54264", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54264 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:383db655-b9ad-5d3c-b88a-15f67801edd4", "id": "CVE-2026-54265", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-54265 does not affect version 17.1.0 of @angular/router. not_affected \u2014 Angular v17.1.0 does not have the TwoWayProperty IR operation that is the subject of CVE-2026-54265. Two-way bindings are desugared into separate property and event bindings before template pipeline processing, with the property half using the same parsePropertyBinding() code path as one-way property bindings, which are properly sanitized." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:8cb335a6-c881-5c9a-a34f-6334cd2deb84", "id": "CVE-2026-54266", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54266 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:b0a5ea30-1fde-5960-8740-7f9c6960b5bc", "id": "CVE-2026-54267", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54267 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }, { "bom-ref": "urn:uuid:fa7c80aa-aa13-5535-bb8e-62e4ab806fea", "id": "CVE-2026-54268", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-54268 affects version 17.1.0 of @angular/router." }, "affects": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40angular/router@17.1.0" } ] }