{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2dd74516-1eee-54a0-a481-fda4ce4a1b29", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7", "type": "library", "name": "@vitejs/plugin-legacy", "version": "4.5.5-tuxcare.7", "purl": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3a739756-251f-5702-a78b-5daf4560da1d", "id": "CVE-2024-23331", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23331 affects version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ac8fc5a3-604a-5488-9718-5024510eaf97", "id": "CVE-2024-31207", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31207 affects version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6cc49ee3-49d7-5e1b-8152-731ede025241", "id": "CVE-2024-45811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45811 affects version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e90b79b7-765d-59b6-82ad-3f0e8ee8dd5d", "id": "CVE-2025-24010", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24010 is fixed in version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:eb130fc4-03ee-5f6e-89ec-696991f62308", "id": "CVE-2025-30208", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-30208 is fixed in version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1c81432d-fdce-5f52-984d-9166a1154ddd", "id": "CVE-2025-31125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31125 is fixed in version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:51070910-317d-5989-bfa8-310eb7e0c45e", "id": "CVE-2025-31486", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31486 is fixed in version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1ec479e6-d433-5d24-9f03-dbf211884f6b", "id": "CVE-2025-32395", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-32395 is fixed in version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c1ba87a9-ed28-5717-b128-406405ffa36e", "id": "CVE-2025-46565", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46565 is fixed in version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:690c63af-3cdf-5afe-a857-62178b883f0f", "id": "CVE-2025-58751", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58751 affects version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fdd63bce-f541-5105-8f35-b25601392df7", "id": "CVE-2025-58752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58752 is fixed in version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:93e2c736-f1e2-530f-b519-73c3f4a2728c", "id": "CVE-2025-62522", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-62522 is fixed in version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c648bf03-90f2-5b56-a4ea-fbd574d5e467", "id": "CVE-2026-39363", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39363 affects version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:187af8ad-645c-5656-9910-e32fd06fce69", "id": "CVE-2026-39364", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39364 affects version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:74493974-e38a-5586-a37e-4545b831cc7a", "id": "CVE-2026-39365", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-39365 affects version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:772c77ed-7404-5f8c-90d6-79053c4c1de9", "id": "CVE-2026-53571", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-53571 affects version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e04a459c-e3aa-505e-be0d-e0a05e33e123", "id": "GHSA-4w7w-66w2-5vf9", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-4w7w-66w2-5vf9 is fixed in version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:12bc431d-b1df-57cd-9bb6-94345ef075b5", "id": "GHSA-67mh-4wv8-2f99", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-67mh-4wv8-2f99 affects version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:741edd88-c8fb-5864-ace2-70449998ffe8", "id": "GHSA-gv7w-rqvm-qjhr", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-gv7w-rqvm-qjhr is a false positive for @vitejs/plugin-legacy 4.5.5-tuxcare.7. GHSA-gv7w-rqvm-qjhr in esbuild 0.18.20 is withdrawn. Refer to esbuild 0.18.20 for details." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4a01ec87-2fcd-5a7c-b0d6-5ab58702ea02", "id": "GHSA-v2wj-q39q-566r", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-v2wj-q39q-566r is fixed in version 4.5.5-tuxcare.7 of @vitejs/plugin-legacy." }, "affects": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:npm/%40vitejs/plugin-legacy@4.5.5-tuxcare.7" } ] }