{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:da429a39-32f0-5ff2-a6ec-97a615a8551f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1", "type": "library", "name": "ember-cli", "version": "1.13.11-tuxcare.1", "purl": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:884a715f-46ac-5f02-a777-a1bf1314d84a", "id": "CVE-2015-7565", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-7565 is fixed in version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50700908-97de-5c1e-a35a-dcc0240b58d9", "id": "CVE-2015-8861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8861 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:949f68b3-e643-574c-80d7-eabcdcd7dd6a", "id": "CVE-2016-3956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3956 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b52d1356-a40e-5705-aefb-7c4fcb2e9a73", "id": "CVE-2017-16026", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16026 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c57a6bb5-d2a6-5b7c-9b0e-b7a0ef167a8c", "id": "CVE-2017-16113", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2017-16113 is a false positive for ember-cli 1.13.11-tuxcare.1. false_positive \u2014 CVE-2017-16113 is a false positive match for this repository. The CVE affects the 'parsejson' npm module (versions \u2264 0.0.3), which is a completely different package from ember-cli. The parsejson module is not present in this repository as a direct dependency, transitive dependency, vendored copy, or in any other form." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96338c89-54c1-5d40-9072-b11b069e61ab", "id": "CVE-2017-16137", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-16137 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f190d9b2-9f26-5e97-8742-53dc9225afe3", "id": "CVE-2017-20165", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-20165 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5c3bb4d-01e4-54e2-bf24-373de22b8062", "id": "CVE-2018-16487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-16487 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc5495d7-2d15-5905-b29b-cd10e968cd4d", "id": "CVE-2018-3721", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-3721 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61f7a9e2-7d17-5701-8729-e1dcf3d7770e", "id": "CVE-2018-7408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-7408 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da771d9f-8961-5de8-8f65-bb42bb3c61c9", "id": "CVE-2019-10744", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10744 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ca6d2c6-11b5-5619-ab0b-8796dbd8db83", "id": "CVE-2019-16775", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-16775 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12dead31-f3fa-5a2d-8049-fc4e1a98391f", "id": "CVE-2019-16776", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-16776 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12adcb57-9ba0-5bbe-88df-e7c2c5ca5a9f", "id": "CVE-2019-16777", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-16777 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:160fdbf7-e53d-5688-a167-e30cdb9f07b2", "id": "CVE-2020-15095", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15095 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cdfc7578-107c-5dca-8dc6-d8d6c884b8ce", "id": "CVE-2020-36049", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2020-36049 does not affect version 1.13.11-tuxcare.1 of ember-cli. Version 1.13.11 is not vulnerable. Summary: The target repository (ember-cli 1.13.11-tuxcare.1 from November 2015) is NOT vulnerable to CVE-2020-36049. The vulnerable feature in socket.io-parser 3.x was not yet introduced when this version was released. The dependency testem 0.9.10 would have used socket.io 1.x with socket.io-parser 2.x, which predates the vulnerable socket.io-parser 3.x series by approximately 1.5 years." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d27ddbb-53d7-50bb-be15-36a301ac5310", "id": "CVE-2020-7754", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-7754 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee3ee8a9-5da9-53b1-9a1d-23e4554ddb2c", "id": "CVE-2021-23337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23337 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c1d0097-fd5a-5e57-83e2-fa63d0fde06b", "id": "CVE-2021-23362", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23362 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d6721c1-9441-54f7-9799-7f68769af19f", "id": "CVE-2021-23369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23369 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc2a5730-10ab-5e76-a4f1-a368cef8e8ad", "id": "CVE-2021-23383", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-23383 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e514b0f-6c7d-5296-891e-e7d0dbf40bcc", "id": "CVE-2021-31597", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-31597 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f469189-f3ae-5b0a-a75b-25eb98d418d9", "id": "CVE-2022-21670", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-21670 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bdf5123f-c258-559c-975f-66c8a4979e7d", "id": "CVE-2022-2421", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2421 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e61a584-9982-56f1-95f4-e95ae2018f5c", "id": "CVE-2023-28155", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-28155 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86c33338-85f0-5645-8d0e-ebf74f99eb7c", "id": "CVE-2023-32695", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-32695 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:040e9696-22af-5acb-a4df-149041f42820", "id": "CVE-2025-13465", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-13465 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02e04d53-d6ad-57d8-93b1-e4854bffb766", "id": "CVE-2026-2950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2950 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db682724-fca1-52cc-a84a-69a70c63034a", "id": "CVE-2026-33151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33151 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2321ac1-8c23-5296-bc22-1e106d03f6b3", "id": "CVE-2026-33937", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33937 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d73252b-e024-5290-b9a1-25e49a973a55", "id": "CVE-2026-33938", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33938 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8043da66-c7e5-577d-95d4-c8c8b7354d27", "id": "CVE-2026-33939", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33939 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f19ee37-78c3-50de-b657-3b1abfa4d92d", "id": "CVE-2026-33940", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33940 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:205dbbb4-af88-5506-8869-2667b5abe0c5", "id": "CVE-2026-33941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33941 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78bf1f02-a9c6-5cf0-80d3-8875b1c4ce53", "id": "CVE-2026-41907", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41907 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35f51c7d-a322-580d-a939-e44596c7c970", "id": "CVE-2026-4800", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-4800 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1a6f10c-f137-50b3-9401-9f22a22c26af", "id": "CVE-2026-48988", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2026-48988 does not affect version 1.13.11-tuxcare.1 of ember-cli. not_affected \u2014 The target ember-cli v1.13.11-tuxcare.1 uses markdown-it@4.3.0 which contains the vulnerable smartquotes replaceAt() code pattern, but the vulnerability is not exploitable because the typographer option (required to enable smartquotes) defaults to false and is never enabled in the codebase." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2ed738a-8813-56d3-b810-67aae11313cb", "id": "GHSA-442j-39wm-28r2", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-442j-39wm-28r2 affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17799e20-5d56-53aa-93b3-1a91083ad69b", "id": "GHSA-7rx3-28cr-v5wh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-7rx3-28cr-v5wh affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3741054c-c2f1-5fee-93ee-420b0c873588", "id": "GHSA-xgh6-85xh-479p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xgh6-85xh-479p affects version 1.13.11-tuxcare.1 of ember-cli." }, "affects": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/ember-cli@1.13.11-tuxcare.1" } ] }