{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:767c3b17-2252-50b8-9c82-c250d00bf653", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec-socks", "version": "4.1.48.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:102c6252-2e80-558a-af74-5aa4fc28ecab", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9e27624-317a-5e2e-b86d-0cfdd1a92bae", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f36d3a2-bbdb-56c0-b65c-e5fcf9d35940", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45e5b902-17e5-545b-a608-124b28d6b550", "id": "CVE-2021-37136", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37136 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f91efcc-7f35-5864-a40f-5ab9bd9cd8e1", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:675a310a-b51c-535b-a421-46924ad631e0", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbdd773b-0e96-52f8-b67a-b863846ca599", "id": "CVE-2022-24823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24823 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41cfd342-fcc4-5f8b-82d8-17b7b91bdef4", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46aec755-dab5-5c69-94bd-582d6d7c860d", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26af3d56-e968-5627-8679-f45800684c7b", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:934e6cfe-7b15-5014-8747-5d5df8bbc793", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9503c4b5-a5c6-5c8b-bc77-258e2f1602ab", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec-socks 4.1.48.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cdb2c1e0-1110-5914-9a0b-af9286c534b1", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c055863-d83f-5386-b132-de706591b7bb", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a96de252-2153-5626-9bd1-eb1640476eed", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da7dbf33-a760-57b3-b8dd-2a72344e9112", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a69b229-0164-5e58-ab57-a0c34391f854", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19e4dc27-33b1-5175-be28-576a69797408", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26060d80-88df-5a45-80f8-2f2e8eefe51d", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32465d6e-8a5d-517d-98e0-29e44dfda828", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eaf6a31a-7524-5cd0-87ac-d4f14018f7e6", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9d3c830-f1d2-5cbb-a39a-e0dd8199a974", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f535caa7-fa24-514e-8f8a-e11c828094e3", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48d516ca-ff51-5439-88a0-0e6e4aa16ebd", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-socks." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-socks@4.1.48.Final-tuxcare.1" } ] }