{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:22a98b6c-9441-5134-8df2-f5896d30c0b6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/express@4.18.2-tuxcare.1", "type": "library", "name": "express", "version": "4.18.2-tuxcare.1", "purl": "pkg:npm/express@4.18.2-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b2a8e972-fb45-5a19-867e-e2a9b1b8e507", "id": "CVE-2024-29041", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29041 is fixed in version 4.18.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@4.18.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3203f603-b6f4-5e11-ac9b-690ef0e1b0bb", "id": "CVE-2024-43796", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-43796 is fixed in version 4.18.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@4.18.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0134e8c5-95d5-5f3f-a341-1f966e7a7b5c", "id": "CVE-2024-43799", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-43799 affects version 4.18.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@4.18.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:09f0ce90-6444-5436-9349-27b0d48fc2c2", "id": "CVE-2024-43800", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-43800 affects version 4.18.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@4.18.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a554931a-d3b1-59ab-b228-f9ae08a53329", "id": "CVE-2024-45296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45296 affects version 4.18.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@4.18.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c79d7c1-4115-5200-8997-bf2120ca4d7d", "id": "CVE-2024-45590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45590 affects version 4.18.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@4.18.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d426b84c-a43b-5299-8d63-e491a8551ca8", "id": "CVE-2024-47764", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47764 affects version 4.18.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@4.18.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a89084bd-cf11-5ec8-bcad-a20bd67b1aef", "id": "CVE-2024-52798", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-52798 affects version 4.18.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@4.18.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1751dd99-7bcb-5f36-8385-856881947431", "id": "CVE-2025-15284", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-15284 affects version 4.18.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@4.18.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31f19784-b0ad-5f96-90ba-d7bab6c0ca7a", "id": "CVE-2026-2391", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2391 affects version 4.18.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@4.18.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e80ca082-6cb0-5fd1-b718-d6a1bf823c65", "id": "CVE-2026-4867", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-4867 affects version 4.18.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@4.18.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ca86839-726f-5d4a-b3c1-5c522e13116d", "id": "CVE-2026-8723", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-8723 affects version 4.18.2-tuxcare.1 of express." }, "affects": [ { "ref": "pkg:npm/express@4.18.2-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/express@4.18.2-tuxcare.1" } ] }