{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2ec022d8-cfda-5970-ab70-d99bbbd6bcfa", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-codec-xml", "version": "4.1.112.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ad3e8cdb-55fa-54d0-9cff-69f3db9279f8", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:877e4e45-255e-53eb-90d3-e20ce67600b0", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48c71ba9-4686-5c3c-bb4a-dd5aff94d7f3", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f7ff255-89a2-51f6-bcad-71e8b5d85b65", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9ca83bd-897e-5d43-83c5-5d1977cf8033", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9dbf4fbf-d2af-53f0-95f8-4541dffaefd9", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:12e956f0-ca79-5600-b49f-0bfc2f3d6006", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c4b7bc2-ad81-5e9b-9440-01bc10f4b2bd", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5084baf6-1514-5f7b-8e02-337a8cc43f68", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:82730c46-88f7-568a-9575-492f9f657721", "id": "CVE-2026-33871", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33871 is fixed in version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.2" } ] }