{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b6ef0b3f-7166-5542-a8a8-3092a9c0f4f6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/dompurify@3.0.3-tuxcare.1", "type": "library", "name": "dompurify", "version": "3.0.3-tuxcare.1", "purl": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e5711598-59a8-5f3c-9abf-4a2aae6b1aec", "id": "CVE-2015-8861", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-8861 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f813af1-5cfb-5a41-b35a-7ac9bedda893", "id": "CVE-2019-19919", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-19919 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4735eb58-ffd4-58ac-9dcb-d6c7b281e938", "id": "CVE-2019-20920", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-20920 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d50e55ca-faec-52c5-8079-ff806135e6b9", "id": "CVE-2021-23369", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-23369 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9fc7a722-4acb-5662-afcf-7a3c3a6b8b16", "id": "CVE-2021-23383", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-23383 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b0fc15f-478d-53fb-ab7c-f0ab8aab4672", "id": "CVE-2024-45801", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-45801 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7815d1b4-d4c6-530f-8e4a-0f9f1f2dafb2", "id": "CVE-2024-47875", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47875 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9bf3fdf4-5999-5301-9289-edd143e17f97", "id": "CVE-2025-26791", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-26791 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a04f5bf7-6060-506a-a1a0-ad89648bfed2", "id": "CVE-2026-0540", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-0540 affects version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae0c11c2-ff8e-5345-b20e-76a1521c55bc", "id": "CVE-2026-41238", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-41238 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb0a7df3-22d4-5e89-89d3-a7832db46923", "id": "CVE-2026-41239", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-41239 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24f7c1b3-0d48-5c8d-a7ca-94f919047df6", "id": "CVE-2026-41240", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-41240 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64f4c657-223e-5367-88df-1f57a7d33b18", "id": "CVE-2026-49458", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-49458 affects version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51049ade-e86d-5cca-aa70-6f1ef1c434bc", "id": "CVE-2026-49459", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-49459 affects version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd1998d1-d9a9-59e3-9793-26855b88028e", "id": "CVE-2026-49978", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-49978 affects version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9bd73d93-dda3-5fae-912c-78e69d8acd96", "id": "CVE-2026-6321", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-6321 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b636045f-9b5b-5c52-835b-6a18caeac4fb", "id": "CVE-2026-6322", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-6322 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ccd3bc5-8f56-599e-933d-99cc60431f83", "id": "GHSA-2cf5-4w76-r9qv", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-2cf5-4w76-r9qv is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da5ee67e-4ee6-5f7b-9be0-06d84878dbfa", "id": "GHSA-39q2-94rc-95cp", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-39q2-94rc-95cp is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:652dac00-d4d9-56c5-92e5-6414ad16dd2e", "id": "GHSA-76mc-f452-cxcm", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-76mc-f452-cxcm affects version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be27b31e-c338-5dcb-9590-ad4b5e297aa2", "id": "GHSA-cj63-jhhr-wcxv", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-cj63-jhhr-wcxv is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7eb61756-fa7b-53c8-a55a-162a5ea19822", "id": "GHSA-cjmm-f4jc-qw8r", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-cjmm-f4jc-qw8r is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7407fd8-d6c3-55e2-ada8-260c65fe5687", "id": "GHSA-cmwh-pvxp-8882", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-cmwh-pvxp-8882 affects version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6afe8f24-6127-5bbe-b90d-1ae6d93f9e13", "id": "GHSA-g9r4-xpmj-mj65", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-g9r4-xpmj-mj65 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c5f0309-0fef-5682-b3c1-431d60783345", "id": "GHSA-gvmj-g25r-r7wr", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-gvmj-g25r-r7wr affects version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b0baffb-fa13-5065-8f9e-931cb0fbbfb5", "id": "GHSA-h8r8-wccr-v5f2", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-h8r8-wccr-v5f2 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92cef2d4-8463-5598-9e04-9612e0fbba1d", "id": "GHSA-q2c6-c6pm-g3gh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-q2c6-c6pm-g3gh is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dcfc6caa-b84e-5578-b757-0d03b5877d9a", "id": "GHSA-q42p-pg8m-cqh6", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-q42p-pg8m-cqh6 is fixed in version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92071742-1cf1-5768-9828-8165ff595fe2", "id": "GHSA-vxr8-fq34-vvx9", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-vxr8-fq34-vvx9 affects version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a160a30-e21e-5469-b2f3-b39de062ee82", "id": "GHSA-x4vx-rjvf-j5p4", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-x4vx-rjvf-j5p4 affects version 3.0.3-tuxcare.1 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/dompurify@3.0.3-tuxcare.1" } ] }