{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5fd70196-b54c-51b8-8193-a69a0263409f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/express-jwt@0.1.4-tuxcare.1", "type": "library", "name": "express-jwt", "version": "0.1.4-tuxcare.1", "purl": "pkg:npm/express-jwt@0.1.4-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bdc9ae42-5b89-5df9-9ae4-915e31e31a0f", "id": "CVE-2015-9235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-9235 affects version 0.1.4-tuxcare.1 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4595842-5651-5f66-a56f-37de17d9350f", "id": "CVE-2016-1000223", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000223 affects version 0.1.4-tuxcare.1 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06423a1a-1688-5202-a554-253d1b0d5887", "id": "CVE-2020-15084", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-15084 is fixed in version 0.1.4-tuxcare.1 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4162563a-5187-5adb-a0da-6b7e71445231", "id": "CVE-2022-0144", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-0144 is fixed in version 0.1.4-tuxcare.1 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d4729af-a87a-5f16-a952-92d531c8a959", "id": "CVE-2022-23539", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23539 affects version 0.1.4-tuxcare.1 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5316add5-0c27-5da2-8cc3-eaeb8ef28528", "id": "CVE-2022-23540", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23540 affects version 0.1.4-tuxcare.1 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f802d7d-88ad-5ae4-8d64-bfa8a7416b19", "id": "CVE-2022-23541", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23541 affects version 0.1.4-tuxcare.1 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ed823e8-7338-557d-85b3-a761656b647d", "id": "CVE-2025-65945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-65945 affects version 0.1.4-tuxcare.1 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c538088-4bc1-51a3-bd81-6bc56b625ec4", "id": "CVE-2025-7783", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-7783 is fixed in version 0.1.4-tuxcare.1 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:400f3542-2c58-54c9-8c15-35e8efd9b9a5", "id": "GHSA-64g7-mvw6-v9qj", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-64g7-mvw6-v9qj is fixed in version 0.1.4-tuxcare.1 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.1" } ] }