{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:c2f6126f-9b62-56cf-a7df-e7bed2ce949d",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:npm/express@3.4.8-tuxcare.1",
      "type": "library",
      "name": "express",
      "version": "3.4.8-tuxcare.1",
      "purl": "pkg:npm/express@3.4.8-tuxcare.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:0adc819c-ef9a-53b2-8730-7f0077487c3f",
      "id": "CVE-2014-6393",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2014-6393 is fixed in version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a3cc8656-6f28-506b-bda6-993320889d60",
      "id": "CVE-2014-6394",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2014-6394 affects version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8cf8c5b8-f5da-5c30-9b85-2a73daabb957",
      "id": "CVE-2015-8859",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2015-8859 affects version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1286caca-fc6e-52fa-894a-c8b49bc5a9b6",
      "id": "CVE-2016-1000236",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-1000236 affects version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b78146c7-258c-523b-a9e6-ec589b7a60bd",
      "id": "CVE-2016-10539",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-10539 affects version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c5219bc4-ffbc-5497-b165-0421864cc16c",
      "id": "CVE-2017-16119",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2017-16119 affects version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9584db04-55cd-56fe-8185-456402ef723e",
      "id": "CVE-2017-16137",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2017-16137 affects version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:119157e2-3c71-522b-a68c-1c98ab0487d1",
      "id": "CVE-2017-20165",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2017-20165 affects version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3640ab1a-94db-53a3-867f-587f8f790f78",
      "id": "CVE-2018-3717",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2018-3717 affects version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9c7c395f-730d-530b-8127-f95fbaa0ffd7",
      "id": "CVE-2024-10491",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-10491 is fixed in version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:812afbf1-b72d-5919-ae88-eb2554280932",
      "id": "CVE-2024-29041",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-29041 is fixed in version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:01e55330-67d1-5571-ba86-6bc167130f91",
      "id": "CVE-2024-43796",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-43796 is fixed in version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f5bdeb3f-e386-5baa-98a2-9008fa22d9e4",
      "id": "CVE-2024-43799",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-43799 affects version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:78f93614-4913-5115-837c-0d9f8fb9c335",
      "id": "CVE-2024-47764",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-47764 affects version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:13efd434-b47c-54d5-a980-8ddf920f95f4",
      "id": "CVE-2024-9266",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-9266 is fixed in version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c6db8360-a9a2-5364-bd92-46d643dc8125",
      "id": "CVE-2026-8159",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-8159 affects version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:458659c8-b9c3-5891-86ce-683ecf1c857b",
      "id": "CVE-2026-8161",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-8161 affects version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:39cd8a90-ad22-58ba-bee2-fae5f2fac14d",
      "id": "CVE-2026-8162",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-8162 affects version 3.4.8-tuxcare.1 of express."
      },
      "affects": [
        {
          "ref": "pkg:npm/express@3.4.8-tuxcare.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:npm/express@3.4.8-tuxcare.1"
    }
  ]
}