{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:56ea3425-65ad-55b8-bebe-9cb503daca86", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-bom", "version": "4.1.63.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:19bce19d-998f-5889-b4dd-22ccb6e1d031", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82a61bd1-cf07-5ee9-8231-5f66b57cefbf", "id": "CVE-2021-37137", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37137 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d5b124a-dc8b-5a97-a10f-46247803f368", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d1c07e9-6944-5275-ac9b-8175d78a503f", "id": "CVE-2022-24823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24823 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:300f2642-8df6-54a6-a04e-aee8415cb482", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e424902-912d-51e6-ae67-ace663fb76e5", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81c365de-fe92-5ea3-961c-b1acce3b59be", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ca14158-4ce8-5bef-b36a-235cb977bfd5", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69dc7d69-3f9e-59fd-b76a-3a44ab106d8e", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-bom 4.1.63.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f83a4c4-45ea-5c52-ab55-cb3d3b5dce0b", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8dfc389d-734a-5a0e-9978-60b9d3d0c7e6", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc34a727-b178-5573-9088-fdc0db364d38", "id": "CVE-2025-24970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24970 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc644fc1-a654-52fb-9680-523aa59fa2c1", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62e29de4-b6be-50ec-a817-9fe2697f5c8e", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c5f71f4-7805-50ee-987e-f99d7b108e1b", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9cdeb94a-a1f6-5326-92dc-eb6da68c6759", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06d5c2c6-d1f4-521b-9e1e-eefc1db385e5", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe3eedad-e261-547f-af52-2ac20e827f5d", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55806515-ea26-5bdd-a89e-56102bd2c9b5", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:139dc13f-071f-51fd-868f-c0db7ee52024", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0461e739-b49c-5ead-b167-fc2bf727ecde", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.1" } ] }