{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:077fb087-ffff-5b4b-b0f8-cd166473139a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec-haproxy", "version": "4.1.92.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9b8862fb-cd8a-518b-b385-cfc3907ad8a3", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-codec-haproxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3cc0abcd-3153-5e4e-8f50-1f1113dd4715", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-codec-haproxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:083c108d-12b9-5c5e-8764-90c3a72b6a1f", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec-haproxy 4.1.92.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d964d3b-6d7f-51c0-9c55-d9a8154e5f73", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-codec-haproxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c6b5368-1f12-5fee-a5ea-1f68d4081995", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-codec-haproxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42b3b435-6c56-543f-b85d-0e59bad2ecb2", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-codec-haproxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b68ce971-08b6-5dab-9b22-7d0192968194", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.92.Final-tuxcare.1 of io.netty:netty-codec-haproxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc7006e8-0d25-5ced-aec9-d0596f0d7fff", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-codec-haproxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2465fc89-ab75-5c0d-9fa0-67ec39679ed1", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.92.Final-tuxcare.1 of io.netty:netty-codec-haproxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:153818a2-0ca9-58e9-b6ba-682d79d586f3", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.92.Final-tuxcare.1 of io.netty:netty-codec-haproxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:773ab326-e327-5a93-ba8d-79ec861b9649", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-codec-haproxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17025c85-ba0b-5638-a97d-5060d7785bd8", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-codec-haproxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58f89a2e-ba40-57ae-819c-4f86c3d97660", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.92.Final-tuxcare.1 of io.netty:netty-codec-haproxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f35b152d-1cce-5a19-92b8-7e054f38ce58", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.92.Final-tuxcare.1 of io.netty:netty-codec-haproxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:752eeb28-054c-503a-9906-aa7e0c0bbd7b", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.92.Final-tuxcare.1 of io.netty:netty-codec-haproxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-haproxy@4.1.92.Final-tuxcare.1" } ] }