{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:49cdb686-f7da-57d9-8706-bd662cb891b6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3", "type": "library", "group": "io.netty", "name": "netty-bom", "version": "4.1.63.Final-tuxcare.3", "purl": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:98f74c42-3d92-5f9e-8691-442f69855626", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:33c50dd0-6cee-5f22-ba48-66f75a1b7374", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed955d2f-fe16-5238-8602-a13551061c61", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8721db1-43e4-5696-bd8c-ba4120691592", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1af7355-f42d-57c3-81de-2f93ea38b771", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56009762-fa31-5508-bcaf-09762f363f15", "id": "CVE-2022-41915", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41915 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a948faa-834c-595e-9aee-9cf94acd4612", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77b6849a-5911-53c3-99db-a0f55b688993", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0738b3a-150f-508c-b840-275d4adf49ad", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-bom 4.1.63.Final-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:00ecdc3d-9a9c-5e46-96ec-f2171bac4d05", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38f6b2eb-cf4b-5c51-85bd-501cdb8e74b6", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:729042c0-e61f-557e-bf26-03e4b0c69c91", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:46aab76c-30e1-542a-bf3c-e14514f53793", "id": "CVE-2025-25193", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-25193 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b2d3415-01b2-5d93-afac-880e51fa32af", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7850e8c-f4b6-5c8f-b094-fe49b2a3ce39", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9376e880-8a5a-53a5-b40a-818c87355c1f", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc789096-e16d-5fed-b1d4-c1e4c88e4fb9", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:426f29ca-d82c-5710-841e-3d35aedb848f", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c871f46f-8f8f-5989-bfdf-d467a35439d1", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f437365c-53b3-5f70-9250-d044b4441691", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b857afcf-1174-521d-8524-123f35d060de", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-bom." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-bom@4.1.63.Final-tuxcare.3" } ] }