{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9f053c9e-e8c6-52d2-9cbe-5be56006db45", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.3", "type": "library", "name": "jsonwebtoken", "version": "0.4.0-tuxcare.3", "purl": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c80417e7-820b-5b97-87da-6b51bd94732e", "id": "CVE-2015-0925", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-0925 is fixed in version 0.4.0-tuxcare.3 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea573506-ca8f-5e9f-94d8-b6857cb5611e", "id": "CVE-2015-9235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-9235 affects version 0.4.0-tuxcare.3 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2f851229-cc62-57df-b036-99af7e1adf21", "id": "CVE-2016-1000223", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000223 affects version 0.4.0-tuxcare.3 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af80bad9-c1f1-5f6d-b8c4-c131cd0816d3", "id": "CVE-2022-23539", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23539 affects version 0.4.0-tuxcare.3 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c5ccc4e-bfc6-57b9-a2f6-1b9319681d13", "id": "CVE-2022-23540", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23540 affects version 0.4.0-tuxcare.3 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17d5ef05-405e-51ff-ac95-fae1a7c8151f", "id": "CVE-2022-23541", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23541 affects version 0.4.0-tuxcare.3 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4314341-3295-56cb-a3d2-754923e53ae5", "id": "CVE-2022-46175", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-46175 is fixed in version 0.4.0-tuxcare.3 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:839ce733-3f1b-52e5-909f-b667b97030b7", "id": "CVE-2024-47764", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47764 is fixed in version 0.4.0-tuxcare.3 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f5e63bf6-5fc5-5c65-8266-790e1d59fb34", "id": "CVE-2025-65945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-65945 affects version 0.4.0-tuxcare.3 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:33a73f07-0cbe-5d29-ae80-a1390a6d092a", "id": "GHSA-xc7v-wxcw-j472", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xc7v-wxcw-j472 is fixed in version 0.4.0-tuxcare.3 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b07cf742-1628-5e1d-917f-0c6f38d3a4bb", "id": "NSWG-ECO-17", "analysis": { "state": "resolved", "detail": "Vulnerability NSWG-ECO-17 is fixed in version 0.4.0-tuxcare.3 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.3" } ] }