{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:46efad95-19ed-545d-b48f-b7ea0aab4643", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-all", "version": "4.1.63.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:740e402a-7e36-5a5c-a24a-ee1803301ae5", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d964fea4-cda8-53f4-9f7f-58d713cc44ec", "id": "CVE-2021-37137", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37137 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c02a53b-b514-5e31-9559-cb980bf55716", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de7ed6ba-6933-54fc-8ba8-5f0934d6667f", "id": "CVE-2022-24823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24823 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:215553dd-eb26-50a3-8c25-8a160bd89b9a", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5260b60-3c31-5603-9623-f7aa3fa0208f", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33e92b20-4507-57d8-aed0-87cedd793edb", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3215119a-7986-52aa-8c24-a85106ce6ae0", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d5aa004-0174-5d16-97a4-517ce46c38a6", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-all 4.1.63.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1104444f-87f5-5dcd-99b1-e9fcda59f098", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d26fb413-3e5b-5f49-a1e8-cd7e14ee47e0", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e46a2d62-d59d-54a7-8e56-17c3d4275d04", "id": "CVE-2025-24970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24970 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:457a9000-20b5-50dc-8530-c2c83360290f", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c94ab5d-d517-5788-93af-8f34d88a5909", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:117dfb20-12a6-50ff-8ff3-b60e1e5791fd", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6781238-dd46-57cf-8870-12179a53657c", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db6a41f0-b4dd-553e-a5f2-94a039db849e", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21d14dd7-d469-50a5-a2f1-ef0f2e60d44c", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d15527f-6028-5545-9338-b45eb2deba2f", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c95090c-88d8-5600-af42-b33eebafb4dd", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:562cf166-6ede-566d-9a9e-bf107208f141", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-all." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-all@4.1.63.Final-tuxcare.1" } ] }