{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e326afd4-5ee5-59a2-a13f-4078e0b16b26", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.5", "type": "library", "name": "jsonwebtoken", "version": "0.4.0-tuxcare.5", "purl": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4045a7a3-b5a6-5187-9b7b-13dbcb4a7143", "id": "CVE-2015-0925", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2015-0925 is fixed in version 0.4.0-tuxcare.5 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d9bc58fd-9b01-58bb-9159-86e49a84802b", "id": "CVE-2015-9235", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-9235 affects version 0.4.0-tuxcare.5 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aaffa2ea-b949-57a6-a09a-22b320d4b07e", "id": "CVE-2016-1000223", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000223 affects version 0.4.0-tuxcare.5 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7174d5aa-f661-577d-afb6-b86d2c244fca", "id": "CVE-2022-23539", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23539 affects version 0.4.0-tuxcare.5 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0df5bde6-2d8f-55d7-85ce-1191fe527a20", "id": "CVE-2022-23540", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23540 affects version 0.4.0-tuxcare.5 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3ee5785f-9525-5789-ac9d-fd559c836aa9", "id": "CVE-2022-23541", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-23541 affects version 0.4.0-tuxcare.5 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9c03a7fb-a7ff-5213-b224-a331f3a9a75a", "id": "CVE-2022-46175", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-46175 is fixed in version 0.4.0-tuxcare.5 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:906afa39-12cf-5c3c-8b8a-1f8b76a9ed8e", "id": "CVE-2024-47764", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47764 is fixed in version 0.4.0-tuxcare.5 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:22e50fa1-ba37-5d5b-91fc-79c16363f469", "id": "CVE-2025-65945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-65945 affects version 0.4.0-tuxcare.5 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:08df3a5c-6c56-5034-9bcf-8a3a9e69008f", "id": "GHSA-xc7v-wxcw-j472", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xc7v-wxcw-j472 is fixed in version 0.4.0-tuxcare.5 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8c12aa34-fa20-5dd6-968e-8430de2f503f", "id": "NSWG-ECO-17", "analysis": { "state": "resolved", "detail": "Vulnerability NSWG-ECO-17 is fixed in version 0.4.0-tuxcare.5 of jsonwebtoken." }, "affects": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:npm/jsonwebtoken@0.4.0-tuxcare.5" } ] }