{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:49952c16-f906-5ac6-aaa4-2e3b2601be0b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3", "type": "library", "name": "@vitejs/plugin-legacy", "version": "4.5.5-tuxcare.3", "purl": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:587c633c-c828-5797-86cc-a52aba3ec5e0", "id": "CVE-2024-23331", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23331 affects version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fcebd63b-4375-5705-81fa-708d22d4d5f0", "id": "CVE-2024-31207", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31207 affects version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be0f3a7d-1aad-579e-aee2-b8120d15050f", "id": "CVE-2024-45811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45811 affects version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3e516337-e011-58c4-aa5b-246767683e94", "id": "CVE-2025-24010", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24010 is fixed in version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b43d52fc-1fd6-56e3-93ac-0bc0b79cbaa4", "id": "CVE-2025-30208", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-30208 is fixed in version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29d9a2fd-b475-50c9-91f3-1ed674785419", "id": "CVE-2025-31125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31125 is fixed in version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bf944d2d-ec3b-56dc-bd5c-2b222e6cefd6", "id": "CVE-2025-31486", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31486 is fixed in version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89a2afb6-efc9-542a-8d68-62c72a94620b", "id": "CVE-2025-32395", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-32395 is fixed in version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:00d42195-3be7-5336-a66d-e75e03d62fe6", "id": "CVE-2025-46565", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46565 is fixed in version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f5596454-16fb-585b-b1f2-14cf83ba5fcf", "id": "CVE-2025-58751", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58751 affects version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80d65c19-bbd6-59dc-ae27-f2c142207c11", "id": "CVE-2025-58752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58752 is fixed in version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:61245220-292e-5f06-9067-21a4f3c41e33", "id": "CVE-2025-62522", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-62522 affects version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e2f0c33-77ba-5255-9e2b-f78831fad7fe", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:03286ed6-bf87-5532-89be-7e903b8771af", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fdf2ff3f-cbce-56e5-83e4-ee98e68eae8a", "id": "CVE-2026-39365", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39365 affects version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b725a141-44cb-54ec-9b7b-f28f0978943e", "id": "CVE-2026-53571", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-53571 affects version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:698aafeb-1810-52d3-a92a-686e43f9f6fb", "id": "GHSA-4w7w-66w2-5vf9", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-4w7w-66w2-5vf9 affects version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce087943-8fc1-564a-b372-9eec0524aa4d", "id": "GHSA-67mh-4wv8-2f99", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-67mh-4wv8-2f99 affects version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a89e63de-f856-503f-807b-3be04bc8d176", "id": "GHSA-gv7w-rqvm-qjhr", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-gv7w-rqvm-qjhr is a false positive for @vitejs/plugin-legacy 4.5.5-tuxcare.3. GHSA-gv7w-rqvm-qjhr in esbuild 0.18.20 is withdrawn. Refer to esbuild 0.18.20 for details." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:543baeee-7bb0-5377-95d7-f8c311bb624e", "id": "GHSA-v2wj-q39q-566r", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-v2wj-q39q-566r affects version 4.5.5-tuxcare.3 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.3" } ] }