{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:01501221-b8a2-5d95-8a52-d9301fa05908", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.4", "type": "library", "name": "jsonwebtoken", "version": "0.4.0-tuxcare.4", "purl": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5e53c1f8-ccf6-5687-b3b3-f221c1f05de1", "id": "CVE-2015-0925", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-0925 is fixed in version 0.4.0-tuxcare.4 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b526f384-cd64-5c73-bc8b-05376be38493", "id": "CVE-2015-9235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-9235 affects version 0.4.0-tuxcare.4 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9dd0b532-6670-5813-8a1a-e72e2facf67c", "id": "CVE-2016-1000223", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000223 affects version 0.4.0-tuxcare.4 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e1e6d2be-5226-5b65-a591-7ed10a74d244", "id": "CVE-2022-23539", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23539 affects version 0.4.0-tuxcare.4 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d858a3af-ee52-5704-8259-b7ef7eabe316", "id": "CVE-2022-23540", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23540 affects version 0.4.0-tuxcare.4 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:808eec04-4ab7-5ba3-8e20-d1c68c4c7999", "id": "CVE-2022-23541", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23541 affects version 0.4.0-tuxcare.4 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:62255ad3-aeb9-58af-bc85-4a2dd42845cc", "id": "CVE-2022-46175", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-46175 is fixed in version 0.4.0-tuxcare.4 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d0c2941-dbc1-5471-b080-e39ea96f662e", "id": "CVE-2024-47764", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47764 is fixed in version 0.4.0-tuxcare.4 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:150b2f4e-de32-5227-ab70-d45d30ed1677", "id": "CVE-2025-65945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-65945 affects version 0.4.0-tuxcare.4 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6dff8210-0c14-511d-a9a9-2b801039428b", "id": "GHSA-xc7v-wxcw-j472", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xc7v-wxcw-j472 is fixed in version 0.4.0-tuxcare.4 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:35c3f421-b4b7-5a79-87f7-8c355fb3f47c", "id": "NSWG-ECO-17", "analysis": { "state": "resolved", "detail": "Vulnerability NSWG-ECO-17 is fixed in version 0.4.0-tuxcare.4 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.4" } ] }