{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f4e81697-061e-5243-bc79-59552a12457c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/express-jwt@0.1.4-tuxcare.2", "type": "library", "name": "express-jwt", "version": "0.1.4-tuxcare.2", "purl": "pkg:npm/express-jwt@0.1.4-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4ea72a2d-a739-5b4b-a0b2-fe934f482052", "id": "CVE-2015-9235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-9235 affects version 0.1.4-tuxcare.2 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59acc5dc-8467-5b75-9875-8e17d96ab68c", "id": "CVE-2016-1000223", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000223 affects version 0.1.4-tuxcare.2 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76286936-5c9c-5159-bfa9-b7ba33bcfd0f", "id": "CVE-2020-15084", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-15084 is fixed in version 0.1.4-tuxcare.2 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6b13453-9eab-5a0a-95e6-e70582f23f1f", "id": "CVE-2022-0144", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-0144 is fixed in version 0.1.4-tuxcare.2 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ea677ef-ee62-586a-a4fc-0fb01b204e46", "id": "CVE-2022-23539", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23539 affects version 0.1.4-tuxcare.2 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f9f78d2-b415-5197-9022-3df8627897a4", "id": "CVE-2022-23540", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23540 affects version 0.1.4-tuxcare.2 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d04cd263-bdf6-5313-88e9-4870c0f9a45f", "id": "CVE-2022-23541", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23541 affects version 0.1.4-tuxcare.2 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1606deb9-4d57-5e8e-9278-8113fc67ad7c", "id": "CVE-2025-65945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-65945 affects version 0.1.4-tuxcare.2 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6e497bf-76da-50fd-9906-6eb837b6ba75", "id": "CVE-2025-7783", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-7783 is fixed in version 0.1.4-tuxcare.2 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28b81ded-5f8c-5a70-b8f1-79638e4573c5", "id": "GHSA-64g7-mvw6-v9qj", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-64g7-mvw6-v9qj is fixed in version 0.1.4-tuxcare.2 of express-jwt." }, "affects": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/express-jwt@0.1.4-tuxcare.2" } ] }