{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:6ee72bff-9b1d-5cf9-b5ba-9191eee10131",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1",
      "type": "library",
      "name": "@vitejs/plugin-legacy",
      "version": "4.5.5-tuxcare.1",
      "purl": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:ecefe65d-79d3-5e5e-b901-b5f6a5de2073",
      "id": "CVE-2024-23331",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-23331 affects version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e91274c9-4d29-5614-ae06-849e2b76e0f4",
      "id": "CVE-2024-31207",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-31207 affects version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:534a9049-da08-5e8a-a49e-4ad2b8fc33de",
      "id": "CVE-2024-45811",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-45811 affects version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e56f121a-f416-58e7-ad68-2707456562e9",
      "id": "CVE-2025-24010",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-24010 is fixed in version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b733e99a-1c6c-5362-b17f-643df71c2e72",
      "id": "CVE-2025-30208",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-30208 is fixed in version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9b8c0793-e131-5407-82a1-62540a7b0362",
      "id": "CVE-2025-31125",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-31125 is fixed in version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2684f76c-390e-53de-a04f-6818d75c732d",
      "id": "CVE-2025-31486",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-31486 is fixed in version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f4634815-a291-546e-b410-9ceb4f3c9711",
      "id": "CVE-2025-32395",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-32395 is fixed in version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d622e4b1-9bf1-57a2-8e16-7e49a8c13b23",
      "id": "CVE-2025-46565",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-46565 is fixed in version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:344bad41-6566-5fc6-9214-d2aedf05f3fd",
      "id": "CVE-2025-58751",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-58751 affects version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:21b48564-8f93-5100-b850-ca935510981b",
      "id": "CVE-2025-58752",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-58752 is fixed in version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8381a0a6-0179-5001-afb0-b13aa880f1c1",
      "id": "CVE-2025-62522",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-62522 affects version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9fca40ce-48cd-5107-b576-441ba327715c",
      "id": "CVE-2026-39363",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-39363 affects version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1161a8b5-d82b-5e6b-99e0-054f46c38bc2",
      "id": "CVE-2026-39364",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-39364 affects version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:17e54fed-40d7-5432-8f8e-4d94553e7ea8",
      "id": "CVE-2026-39365",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-39365 affects version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f0d9cedb-7e39-5b49-8159-8e3545eec259",
      "id": "CVE-2026-53571",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-53571 affects version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6cb166c0-0e88-56ee-b42a-a10a58452d8a",
      "id": "GHSA-4w7w-66w2-5vf9",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-4w7w-66w2-5vf9 affects version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bcea12f6-b874-559c-9d49-3474e8fe023c",
      "id": "GHSA-67mh-4wv8-2f99",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-67mh-4wv8-2f99 affects version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bbd22bd6-dc3f-5d5a-b4ba-42667d1fe6fc",
      "id": "GHSA-gv7w-rqvm-qjhr",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability GHSA-gv7w-rqvm-qjhr is a false positive for @vitejs/plugin-legacy 4.5.5-tuxcare.1. GHSA-gv7w-rqvm-qjhr in esbuild 0.18.20 is withdrawn. Refer to esbuild 0.18.20 for details."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:308c89ed-45d4-5987-bdb6-9634f7a38d7a",
      "id": "GHSA-v2wj-q39q-566r",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-v2wj-q39q-566r affects version 4.5.5-tuxcare.1 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.1"
    }
  ]
}