{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a0b0c195-4b2b-589d-9f56-74275685cc47", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/dompurify@3.1.6-tuxcare.3", "type": "library", "name": "dompurify", "version": "3.1.6-tuxcare.3", "purl": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e89a1451-5be0-57b4-a6dd-7584e7ffd09f", "id": "CVE-2025-15599", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-15599 is fixed in version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b781c5c-6d04-54d4-8d8f-30d9ff2087b5", "id": "CVE-2025-26791", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-26791 is fixed in version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:41ff3dba-9d21-5a89-b72d-28b8cadf86fd", "id": "CVE-2026-0540", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-0540 is fixed in version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd0bcdc8-2c51-5ec1-a008-05392dfe6f24", "id": "CVE-2026-41238", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-41238 is fixed in version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df8a681f-fb73-5e65-a13f-7c5fbb80f9f4", "id": "CVE-2026-41239", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-41239 is fixed in version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9efaf83-3139-57d2-a0c2-119d2a543976", "id": "CVE-2026-41240", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-41240 is fixed in version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dc02a9ea-d0f9-507a-a7c4-a0c1bf15e73b", "id": "CVE-2026-49458", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-49458 affects version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:73fb3682-be7c-5fff-84f2-a2d3eaecddc7", "id": "CVE-2026-49459", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-49459 affects version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1be2f1ec-3840-5c4d-a2e4-63fd8966bcee", "id": "CVE-2026-49978", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-49978 affects version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19feedcc-7774-5a35-b94e-dd35e898fd0b", "id": "GHSA-39q2-94rc-95cp", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-39q2-94rc-95cp is fixed in version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5671ff7d-0b7e-5fb2-987a-48b5c12628d7", "id": "GHSA-76mc-f452-cxcm", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-76mc-f452-cxcm affects version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81ca2a28-f068-5113-a674-f60992439367", "id": "GHSA-cj63-jhhr-wcxv", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-cj63-jhhr-wcxv is fixed in version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c794e8b-6780-5cfd-957c-52eb1e0324c5", "id": "GHSA-cjmm-f4jc-qw8r", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-cjmm-f4jc-qw8r is fixed in version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16be70d9-463b-588b-b1b4-9177126b6e34", "id": "GHSA-cmwh-pvxp-8882", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-cmwh-pvxp-8882 affects version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c9d0c7b-2a9a-549a-9551-b55002d2d448", "id": "GHSA-gvmj-g25r-r7wr", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-gvmj-g25r-r7wr affects version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:faf07fe1-6fc4-519e-b101-b2a3918139c7", "id": "GHSA-h8r8-wccr-v5f2", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-h8r8-wccr-v5f2 is fixed in version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8fa3791-b9d1-549c-b0ac-5541452491b8", "id": "GHSA-vxr8-fq34-vvx9", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-vxr8-fq34-vvx9 affects version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a4509c51-7aed-5b0c-9178-3be4c88962af", "id": "GHSA-x4vx-rjvf-j5p4", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-x4vx-rjvf-j5p4 affects version 3.1.6-tuxcare.3 of dompurify." }, "affects": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:npm/dompurify@3.1.6-tuxcare.3" } ] }