{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ef5c36d0-51c2-54a6-a497-1e5609da3732", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.2", "type": "library", "name": "jsonwebtoken", "version": "0.4.0-tuxcare.2", "purl": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:11355ea8-01ec-5016-aecd-ec667451b163", "id": "CVE-2015-0925", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-0925 is fixed in version 0.4.0-tuxcare.2 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:54305b8b-baed-535e-acda-0bb3b577dd66", "id": "CVE-2015-9235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-9235 affects version 0.4.0-tuxcare.2 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b515f046-12a8-5ddd-b861-d992264623e5", "id": "CVE-2016-1000223", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000223 affects version 0.4.0-tuxcare.2 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6dd36df1-0a9f-5391-bc8c-9c027e8c45a4", "id": "CVE-2022-23539", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23539 affects version 0.4.0-tuxcare.2 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e875c229-58a2-5ca8-a48c-44c286e84ebd", "id": "CVE-2022-23540", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23540 affects version 0.4.0-tuxcare.2 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80e35799-29c2-5952-8414-2b21c8ed710c", "id": "CVE-2022-23541", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23541 affects version 0.4.0-tuxcare.2 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c55d698a-21fc-5a10-96d6-9e19c1deddaa", "id": "CVE-2022-46175", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-46175 is fixed in version 0.4.0-tuxcare.2 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66507599-3c5c-5032-8f53-931f95e58e2b", "id": "CVE-2024-47764", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47764 is fixed in version 0.4.0-tuxcare.2 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4083921-f3c8-5fde-9dfd-877fa3d6de45", "id": "CVE-2025-65945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-65945 affects version 0.4.0-tuxcare.2 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ad87c55-fe6d-54e4-90be-0b2a26e7c275", "id": "GHSA-xc7v-wxcw-j472", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xc7v-wxcw-j472 is fixed in version 0.4.0-tuxcare.2 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d754ae93-4984-56e4-becd-78133bb34e97", "id": "NSWG-ECO-17", "analysis": { "state": "resolved", "detail": "Vulnerability NSWG-ECO-17 is fixed in version 0.4.0-tuxcare.2 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.2" } ] }