{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:145b0e25-f0d3-555f-b58f-1f06f80a0efe", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-buffer", "version": "4.1.82.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:73fcaa1d-98af-5f46-878f-6f70ee4025d8", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a3c61b0-a31b-5b39-b0f8-b3daa72e52f6", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4825cb10-a09c-5fba-b78d-9e1ded2e9aa0", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:709bff2b-84a5-5558-a024-6eb16034917a", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6675f2a0-c8e9-5e34-bc76-a96c8d6691ab", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-buffer 4.1.82.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5311f41-acf9-5cca-932f-256b9a5f3ca2", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abc94bb2-0637-5eb5-8afc-305779162ce4", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78c5370b-4085-575e-bb95-548b6ae8dbca", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af5da89c-23d1-5a98-acdb-ee77af2d439e", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05a74f08-9923-52f3-9a5c-3daa23ab9c13", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61f63c21-71e4-5d3b-8f13-d2629fd16dfb", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:055466a3-5b29-582d-ba21-dc0464595aa4", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca470405-3d19-5392-be1f-cfeaab5d9a5d", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83c5ec09-0726-551b-bc7b-a05335fa3bd6", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c65fe7a3-0170-52ec-b2b3-c4514ef93100", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15b19074-5d3f-504f-8d1c-e93f6b1edfcd", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98affc33-1811-5872-950c-f7c944f6be5e", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.82.Final-tuxcare.1 of io.netty:netty-buffer." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-buffer@4.1.82.Final-tuxcare.1" } ] }