{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:09e59ee8-f27f-5d9c-8a0b-a2ea797beb6c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-bom", "version": "4.1.58.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e7424148-f6b1-573e-b53d-2651f060e8a6", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecce8f4e-0c49-505d-8533-7a43e6412616", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:920b2551-ceba-56ca-84e9-7e390098e567", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:feac65b0-bb40-50c9-aeb7-a2de3bc208d5", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e79e4b68-bf2b-528f-9850-e66a29c7fa6e", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1da3feb-d79f-5f5d-8896-98e963d25afc", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9adeb7d4-294d-5401-b025-0819e898d232", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1960000e-1078-59e4-b57c-295c2967ef19", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ebf86b7-e34c-52e1-821d-5251d71e8c8e", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5fd5f504-baca-5352-a360-5a8908c348e5", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31446b12-5499-537c-a4c1-3301014153f6", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-bom 4.1.58.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8fa1420-b74f-56c4-bee7-14a365bec45e", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ddb17c2-7cba-539a-8759-e81827f1565c", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9038c500-d8cd-520e-9a91-cd9e141aef4a", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a91c2e81-5de5-5934-8041-23d746e2a08f", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8e59c63-3a67-5209-9135-b72ad98eea9b", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c475ff25-043f-51b2-a6a0-317382c711c4", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9daa2102-e637-5bb7-b5ac-598f2ca220a1", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0188fb28-9764-5771-b6a6-57f80a80700c", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:608d7f1f-8910-5b80-b3ff-07dd5efb9898", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22772347-3a92-590d-a299-e4bf0fc257d3", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:673c8e44-e11a-58c5-8ab1-d37c6d4643f9", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88983878-f1e1-5eaf-ad54-2e2d49f8df0d", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.58.Final-tuxcare.1" } ] }