{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e0b4c23c-8506-553c-b085-0b9a9a1d73bf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-bom", "version": "4.1.48.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a5465733-ff50-5f95-9822-664e50a845ec", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b35259ca-f57d-5669-b6cb-6cd2af29552f", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b56cbc6-f9ae-5575-8a7f-9552ff09bcd3", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d884063-156a-58de-b84f-f4f3916dea74", "id": "CVE-2021-37136", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37136 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45af9624-3da5-5833-9e54-8fda9e95853b", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0022ced1-6260-5736-bc70-65ee1de920ce", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a591a028-1408-5147-9155-edb9d18f02ed", "id": "CVE-2022-24823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24823 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de36a772-d592-56d4-8d76-0559f18bd37b", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:029323c1-cf7a-5307-a2e8-0576b4adad31", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10c94f30-0c9f-5bf1-872a-1d6ef337ed5e", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0cd3c16-e643-5873-a98e-d2a3f1237c2e", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c583f743-cd99-5d35-afac-84be320e44ef", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-bom 4.1.48.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3dc64c17-41cd-51cb-ab4e-f09e2d0624eb", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:476adc9a-058f-5bcf-ac75-708952f1e9a7", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1eaa41f3-9f30-5fb4-b5cb-161e25a641a1", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:784dcb10-af90-504d-9df2-64bf43f71b0b", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b159a9f7-d35c-5a9d-b5bd-4970c8a2aab3", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ae23903-f71c-5201-ad29-57645bd7ed81", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4db854e1-60e9-5225-9135-764dd1e46099", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a972312a-a827-5c4f-9c21-49ae25f94574", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3981df85-8b6f-5200-8ad0-59a19619f3f5", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:947a7952-ffa0-59ab-aec9-754eeb1d4b8a", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71b3232e-54c9-502e-b840-826600921b5d", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9da584b7-3779-5453-8046-8a3a32dda4a8", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.48.Final-tuxcare.1" } ] }