{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5efc6169-8dcf-55c6-b3fa-1464b561ed71", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1", "type": "library", "name": "@remix-run/eslint-config", "version": "1.19.3-tuxcare.1", "purl": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9f82880e-0fca-53c6-b2f4-93fff1c5fdde", "id": "CVE-2025-24010", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24010 affects version 1.19.3-tuxcare.1 of @remix-run/eslint-config." }, "affects": [ { "ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b43ac368-99bc-536b-9e49-8f4d7dc5989d", "id": "CVE-2025-32014", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-32014 affects version 1.19.3-tuxcare.1 of @remix-run/eslint-config." }, "affects": [ { "ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac4d37a7-fb4b-5fdb-95a3-960de494cbf6", "id": "CVE-2025-46565", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-46565 affects version 1.19.3-tuxcare.1 of @remix-run/eslint-config." }, "affects": [ { "ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a720dd5-cb20-55e8-91aa-e42126232391", "id": "CVE-2025-58751", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58751 affects version 1.19.3-tuxcare.1 of @remix-run/eslint-config." }, "affects": [ { "ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13e0aabd-9791-53fd-af19-d135282ada5c", "id": "CVE-2025-58752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58752 affects version 1.19.3-tuxcare.1 of @remix-run/eslint-config." }, "affects": [ { "ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a49cf3cb-4845-5781-b8b7-5ff6050710ca", "id": "CVE-2025-59057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59057 is fixed in version 1.19.3-tuxcare.1 of @remix-run/eslint-config." }, "affects": [ { "ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52ee7a8d-15a9-53f3-bf3f-6bde7e0aaef2", "id": "CVE-2025-62522", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-62522 affects version 1.19.3-tuxcare.1 of @remix-run/eslint-config." }, "affects": [ { "ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a20465bc-badc-5dc6-9177-43e304fa4822", "id": "CVE-2026-22030", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22030 affects version 1.19.3-tuxcare.1 of @remix-run/eslint-config." }, "affects": [ { "ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec53ac01-dacb-5c63-8819-2cc716409c01", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 1.19.3-tuxcare.1 of @remix-run/eslint-config." }, "affects": [ { "ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e31795c-ea91-5225-9691-d477dcfae588", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 1.19.3-tuxcare.1 of @remix-run/eslint-config." }, "affects": [ { "ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2414aec-41ee-5213-9e47-e96443b7185c", "id": "CVE-2026-39365", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39365 affects version 1.19.3-tuxcare.1 of @remix-run/eslint-config." }, "affects": [ { "ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a046b6ae-706e-5eed-b119-513889365a4e", "id": "GHSA-67mh-4wv8-2f99", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-67mh-4wv8-2f99 affects version 1.19.3-tuxcare.1 of @remix-run/eslint-config." }, "affects": [ { "ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7dd6153-aafa-5cdf-bb33-6aa622058572", "id": "GHSA-g7r4-m6w7-qqqr", "analysis": { "state": "not_affected", "detail": "Vulnerability GHSA-g7r4-m6w7-qqqr does not affect version 1.19.3-tuxcare.1 of @remix-run/eslint-config. not_affected \u2014 The target repository (Remix framework v1.19.3-tuxcare.1) is not affected by GHSA-g7r4-m6w7-qqqr. While esbuild v0.17.6 is a declared dependency, Remix does not use esbuild's development server functionality (the .serve() API with servedir) where the path traversal vulnerability exists. Remix uses esbuild exclusively for compilation/bundling and implements its own Express-based HTTP server for ..." }, "affects": [ { "ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45e924e5-3b6b-58a8-9517-e973023b1819", "id": "GHSA-gv7w-rqvm-qjhr", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-gv7w-rqvm-qjhr is a false positive for @remix-run/eslint-config 1.19.3-tuxcare.1." }, "affects": [ { "ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40remix-run/eslint-config@1.19.3-tuxcare.1" } ] }