{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:525c5fd4-0bff-5f93-8322-7560d472e25c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-all", "version": "4.1.60.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b5b723d4-598c-5fa6-9f94-a9333f81f524", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1bcff7ea-0574-59ac-9bf1-99ef9559b24f", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:927926f8-4961-57a0-9586-37ca1f5307f7", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9009a1ca-419c-58f0-aa08-6431d7b3f298", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0600370d-c0c8-5a29-a2c9-d05fe1b1ed60", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f05e9956-3991-52c8-8452-90048e5c4f89", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:489b8f23-b3c3-567b-9631-1e1bea819f0c", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2321df59-de6e-5e12-bbc9-a1e6b1509ca0", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d252f75d-a6c9-5515-92d9-073609854f1b", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-all 4.1.60.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aca03fe3-2bb6-51f9-b6e8-b7c497cd1d5a", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b45993b-6380-5572-908c-9a7103581884", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3aa535b-2c61-5828-8668-e6cce5ff72a7", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df5522a1-49f1-5fb4-a940-d9d6f937ccbc", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7484003b-07f3-5c3b-a618-092725ec92c3", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa061cf2-ae14-56f7-a96d-338b936bcaf9", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74cd3113-d6bd-5d03-92e2-1189fc8a68a3", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2bcca527-e310-53d4-8ae2-034d2ea0fb42", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b610eb3a-3fa8-541b-8b89-f8b03115d9ff", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cdf1804e-efca-5ef2-b9dc-c402ec7b65a8", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9bfe7a4-c1f8-5f8e-ab2b-13a55646a0de", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c79c2b9-3c7c-51b0-b6b0-777b8666d1c1", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.60.Final-tuxcare.1" } ] }