{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9638690f-ebd8-58ff-847e-ca3def51b48a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-buffer", "version": "4.1.63.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3e92f780-43bf-5c2b-8e6b-279bd8bf30df", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfd735bb-b3d3-5e82-ab9a-290bc207189f", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:358a9dba-c215-5ad7-8226-33c4eb70841f", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5fba9277-2611-55da-a1b2-577874d629af", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa0c7590-bffd-5c5b-95cd-1089228b763a", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b768ebcd-cf4a-59c6-b47f-e36f278cf4ab", "id": "CVE-2022-41915", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41915 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc3c9e8f-795b-51f2-b090-3d14624143f2", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4726b7d6-cd08-54fc-8798-52da706a2db7", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13a2a818-c1e0-5de3-a075-9db954594416", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-buffer 4.1.63.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:872b3980-a3ea-52b1-9745-3014c80098df", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15a230eb-8c9a-5933-819f-cee1e7b99550", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92da754a-c835-5e7c-ba78-3324b3926c88", "id": "CVE-2025-24970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24970 affects version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09654de1-4a2e-5d1a-a893-05d3e135b0cf", "id": "CVE-2025-25193", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-25193 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20382d83-fb84-5bac-a05e-66c026fb3645", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c3b3ad2-81f6-5f73-82f1-2dc0b044484d", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:905acd1d-7044-50f4-bfe7-c60b96e3d1ce", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9e77f34-29ce-516d-9280-84cf6447c04a", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5e116bb-b4c2-531f-b556-7ec246d8caca", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc35646d-5f93-559f-bbab-12d46a78e54d", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2bb13b2e-ec18-5e93-827b-99481e6590f4", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:431f1c04-e4fc-5dad-ae49-0a68e344eecf", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.63.Final-tuxcare.2 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.63.Final-tuxcare.2" } ] }