{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:53c6a096-65c4-54b7-a9ca-c686db641e55", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-all", "version": "4.1.48.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ed820fe1-50f8-5e92-97db-cc3d0e498667", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02813356-c9a9-5ee5-8767-48f339846cb2", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:374e7dba-ed46-5811-9bbc-a4d89dbe25cf", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bee65f7a-a375-504a-819f-be4644f62a22", "id": "CVE-2021-37136", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37136 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b00e77fd-54bd-5639-9e6e-004b5bdd6913", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37317f0f-98fc-595e-a1ec-c3f611b0138e", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:009bc011-f820-5c63-8add-82e14409b133", "id": "CVE-2022-24823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24823 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78449c20-ea9a-5861-b3a8-94e1007e8e5f", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4783987-6f03-5063-aaea-82e52a04b834", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48d640a8-1d4c-58a2-9a85-2e26ff7e3668", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b95bac99-2648-525b-87f3-6ee418a1d377", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d01240f-5f3a-594c-a534-548b64302a57", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-all 4.1.48.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c459a7f7-73a2-5833-9eca-c2c483217243", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0fcdf4e-195a-5ca8-b164-e0107b236646", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f710a801-5267-50ba-ab4a-22bd81f81903", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8278b62a-ddcd-557d-a5a7-46d5ab0fdd15", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff413612-2e02-587f-bb3e-9683ca884557", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02bde644-0053-54ed-83f9-0ffd88afb5f5", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62b90021-0bf1-5267-99b8-4f3cf17cf8ff", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:455f7ffc-8f73-576b-91cc-92915f548211", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a69883ab-062d-5fe7-a654-a114e7252493", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0006a9e7-eb1b-513f-8508-be46b0c054ef", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:145b48c4-f5a7-507e-851d-197c1529cb2e", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f4c4d0b-13c4-5c0e-b6c7-7e4b28d4220e", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.48.Final-tuxcare.1" } ] }