{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a21a7db7-9e62-5725-b428-03b607c87a94", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-buffer", "version": "4.1.52.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f108b59a-89e9-597f-897d-c40b6f8310f8", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2b2a102-c76a-542f-8d1e-61bdb8245e2e", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26bce8d0-0865-5338-97e1-b8d2f29cba53", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69c27d42-7f72-5615-8a90-0c4cab0e3574", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73d474e2-3c8a-559a-8680-2beca20d62b4", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4951d390-bff1-5c7b-9fd0-3d515a004a3d", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:304346c6-07ab-57d4-b9aa-f3f9f572dbba", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b177bf77-5381-52c0-899b-5df98e0ec6d2", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:697d45d8-3751-55e6-85c9-a21a0ae7baf5", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22cbc3e1-cd89-5785-89c9-9ceb29532826", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e44de36-ea12-51a5-a2f7-6a8640fcf75a", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-buffer 4.1.52.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7043f908-8219-5584-bfcc-1c10723c8e0c", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f4c240a-ff72-590c-a5d1-fcf24d098693", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73b5ee7b-9d0a-5a0c-8109-3da2be3de6f9", "id": "CVE-2025-24970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24970 affects version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a19966d2-7056-50e3-a68d-425cdaa8b912", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6693d792-ce06-5c30-8736-54190f872272", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73f50ec4-3ce1-50da-9ad3-cf9089f21c16", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18a39e5d-b92f-51d9-916b-2370e0de086d", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a366d02a-3a73-5d04-9eb7-143f42b9e12f", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5052151b-ec94-5c55-8c05-7a989a7c4e23", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f077dcf-7da1-5887-9d12-9241db8c94c8", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6dd8bb5-a67b-5ef8-bac2-bc1bb74f84d3", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db38fd5d-a5e4-5956-8c2f-82cdbb2e7db1", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.52.Final-tuxcare.1" } ] }