{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2e87e24e-6951-540c-9e98-eadef2e0863e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-buffer", "version": "4.1.48.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:268bb8f8-2584-509b-b4c4-d4cb2876c9d6", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:778144e0-1409-5351-aff4-275e98c2d648", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef5a16d8-66d9-55eb-b11a-5bcdb5b62112", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f07bd84-221d-5f53-8ce7-a84c65e94dc6", "id": "CVE-2021-37136", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37136 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50ccd06a-4ad9-5572-babb-fb0b454563c8", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbbc7d82-96fb-581f-a239-a7ba3d824ff0", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19cc78d4-82f6-578b-b609-e01390311bed", "id": "CVE-2022-24823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24823 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1ca4048-8fc6-5f2d-b749-2a6113d476e5", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83363c2d-ee9d-5a48-89bb-56933a35335e", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24cc8dc0-e2c5-5df9-aeac-99b26b3511dd", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:afb47caf-1a40-5e71-b41f-753d9d351a82", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3bd4f93a-671d-55cc-89d4-280e2f5bc404", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-buffer 4.1.48.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c272ead7-b722-5130-85da-22f1c624cf48", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:410eccc0-aeb2-5538-8d68-1c78502cc3b5", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d3d029b-1a9b-5527-be8f-1574092e1143", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:efdf7a77-4220-56c2-b13f-665dc2753868", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd3efb57-ffb4-5a5b-a4d2-9d7c708dd9a5", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e862af9-653b-5ab4-88c9-79dad1152f9a", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:081c9438-bbcc-5bb5-b350-4faa9f7299b2", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbfcaba7-b217-5656-8431-47e16fc042d8", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d08e9f09-e21e-5e7a-a3d2-db249054c07a", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49a1511e-c9f0-5e25-a965-d86fabf4a21c", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bba014ed-da24-5120-8efd-0f2ed2c33f8f", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec1eb68d-af94-5e85-8287-eed05449c644", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.48.Final-tuxcare.1" } ] }