{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:006ec712-ce65-5402-a4b8-8a0c3d14f009", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.1", "type": "library", "name": "jsonwebtoken", "version": "0.4.0-tuxcare.1", "purl": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:54272eee-459e-5832-8442-a9d5dc877830", "id": "CVE-2015-0925", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-0925 is fixed in version 0.4.0-tuxcare.1 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1de22e7-f0e8-5751-a72e-0cfe5158ed51", "id": "CVE-2015-9235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-9235 affects version 0.4.0-tuxcare.1 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6410b1d-3b5f-5394-9b99-417e367c1546", "id": "CVE-2016-1000223", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000223 affects version 0.4.0-tuxcare.1 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:decd4509-6b5c-551f-917d-7a74fd67296c", "id": "CVE-2022-23539", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23539 affects version 0.4.0-tuxcare.1 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4fca1d2-b203-5a83-8c7f-6838f15684ab", "id": "CVE-2022-23540", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23540 affects version 0.4.0-tuxcare.1 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fdabbe9-1396-5fe1-b4fc-c7547b4f10d4", "id": "CVE-2022-23541", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23541 affects version 0.4.0-tuxcare.1 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f95e258a-f8d6-5668-9b9c-f04eb992174d", "id": "CVE-2022-46175", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-46175 is fixed in version 0.4.0-tuxcare.1 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3c44757-1ab9-58e0-8532-a0ebb754ec82", "id": "CVE-2024-47764", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47764 is fixed in version 0.4.0-tuxcare.1 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5d7cd7b-f26a-5dfa-a18e-6946364e980d", "id": "CVE-2025-65945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-65945 affects version 0.4.0-tuxcare.1 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9331c61-ae78-56c5-b740-d19ec09d18ec", "id": "GHSA-xc7v-wxcw-j472", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xc7v-wxcw-j472 is fixed in version 0.4.0-tuxcare.1 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:924b5700-6091-5a60-9a80-aca911b01484", "id": "NSWG-ECO-17", "analysis": { "state": "resolved", "detail": "Vulnerability NSWG-ECO-17 is fixed in version 0.4.0-tuxcare.1 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.1" } ] }