{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:40ff4a71-3d3b-5585-abf7-29be7b26aa65", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/undici@6.11.1-tuxcare.1", "type": "library", "name": "undici", "version": "6.11.1-tuxcare.1", "purl": "pkg:npm/undici@6.11.1-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:67d62acc-0da2-577a-b0f5-9a537b6273e7", "id": "CVE-2025-22150", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22150 is fixed in version 6.11.1-tuxcare.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:deec2ec8-1451-586f-8fd5-82bb02e24b5c", "id": "CVE-2025-47279", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-47279 is fixed in version 6.11.1-tuxcare.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7491a38f-aba8-5e6e-9d7d-ab7981f9b098", "id": "CVE-2026-11525", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-11525 affects version 6.11.1-tuxcare.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3d92f9e-5e4e-5dfc-bfdc-fec0d69439ec", "id": "CVE-2026-12151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-12151 affects version 6.11.1-tuxcare.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f55b23fe-6504-5334-911a-7f7a028c529a", "id": "CVE-2026-1525", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1525 affects version 6.11.1-tuxcare.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2fb38f4e-a9c9-51ad-8331-0e5e5b3eda1b", "id": "CVE-2026-1526", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1526 affects version 6.11.1-tuxcare.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2869e8aa-8ab0-5e39-856b-de10462ca45f", "id": "CVE-2026-1527", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1527 affects version 6.11.1-tuxcare.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:669157fd-a45f-5dcd-9594-012861b4ac51", "id": "CVE-2026-1528", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1528 affects version 6.11.1-tuxcare.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ae725d7-8c19-5330-9683-97d86b303240", "id": "CVE-2026-22036", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22036 is fixed in version 6.11.1-tuxcare.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9218ae64-b0d5-5bda-a243-b37eebcd7acb", "id": "CVE-2026-2229", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2229 affects version 6.11.1-tuxcare.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01b88901-ef86-54c8-9d50-6bac1741f210", "id": "CVE-2026-6733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-6733 affects version 6.11.1-tuxcare.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc187143-21ce-5e34-a613-eabbbe05fedd", "id": "CVE-2026-9679", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-9679 affects version 6.11.1-tuxcare.1 of undici." }, "affects": [ { "ref": "pkg:npm/undici@6.11.1-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/undici@6.11.1-tuxcare.1" } ] }