{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:d585221c-3fb6-59b0-b6ee-1aee3f9c69a9",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5",
      "type": "library",
      "name": "@vitejs/plugin-legacy",
      "version": "4.5.5-tuxcare.5",
      "purl": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:777a1a4d-9f8b-56d0-9412-d864535bf603",
      "id": "CVE-2024-23331",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-23331 affects version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b3de16f7-36f2-5a00-85a7-cd50c5153b44",
      "id": "CVE-2024-31207",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-31207 affects version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4f48aeb3-74b3-5640-9007-ef0f4669b2f9",
      "id": "CVE-2024-45811",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-45811 affects version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:56fddeaa-58bb-57d4-85b1-4b22cb0cac3b",
      "id": "CVE-2025-24010",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-24010 is fixed in version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:636ea848-7230-517b-9b2a-a424307c976d",
      "id": "CVE-2025-30208",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-30208 is fixed in version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f8e6476f-3945-5501-bcbc-73a80d1dd158",
      "id": "CVE-2025-31125",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-31125 is fixed in version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:af8ef8ce-3fe3-5988-8848-155f3c1a5b77",
      "id": "CVE-2025-31486",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-31486 is fixed in version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ffc6dd82-0f4e-55b3-a5df-a98179e3a74c",
      "id": "CVE-2025-32395",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-32395 is fixed in version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:82b707c4-2d6c-5673-acc4-054b85549a49",
      "id": "CVE-2025-46565",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-46565 is fixed in version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e5b1323a-3490-57a1-9cc5-7e89c005634a",
      "id": "CVE-2025-58751",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-58751 affects version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:109ec2d7-97c4-5376-bfce-9d65643f3e54",
      "id": "CVE-2025-58752",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-58752 is fixed in version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6ab356fa-57ff-5991-9032-5216d52fea5f",
      "id": "CVE-2025-62522",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-62522 affects version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:db7b3150-223b-590c-a147-3a55280a3219",
      "id": "CVE-2026-39363",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-39363 affects version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b5763d54-77a1-525c-b892-aa6253e5ccb6",
      "id": "CVE-2026-39364",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-39364 affects version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:07af02a1-de0c-5774-8d99-95f6a2619111",
      "id": "CVE-2026-39365",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-39365 affects version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f064f742-cdde-5952-b7c5-b30c47b43570",
      "id": "CVE-2026-53571",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-53571 affects version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:eb723fbf-2621-5699-a1f9-5ef0e365f6c4",
      "id": "GHSA-4w7w-66w2-5vf9",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-4w7w-66w2-5vf9 affects version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3329072a-2673-5b24-ae01-9893b252d2a9",
      "id": "GHSA-67mh-4wv8-2f99",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-67mh-4wv8-2f99 affects version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:83fca930-1969-56e4-a8bd-a7475b72a210",
      "id": "GHSA-gv7w-rqvm-qjhr",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability GHSA-gv7w-rqvm-qjhr is a false positive for @vitejs/plugin-legacy 4.5.5-tuxcare.5. GHSA-gv7w-rqvm-qjhr in esbuild 0.18.20 is withdrawn. Refer to esbuild 0.18.20 for details."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0bcff8e3-baae-5d61-952f-d7da10f6589a",
      "id": "GHSA-v2wj-q39q-566r",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-v2wj-q39q-566r affects version 4.5.5-tuxcare.5 of @vitejs/plugin-legacy."
      },
      "affects": [
        {
          "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.5"
    }
  ]
}