{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4737feb9-53c1-59b6-9bec-02b33f2a46cc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec-xml", "version": "4.1.60.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e4da0676-9d57-52fa-8445-1aa42699d33a", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77891e09-c7c6-599d-ac4e-cb13cd484d78", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b2c2f0e-589d-5119-90c8-534607a7cef4", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5af0a6e3-6d84-5ddc-b515-590d6b08f76a", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45e0e83b-ef36-5865-9432-e1949ee31805", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e7400fa-9874-5bb5-9c99-703e26324ece", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69502184-f042-5ebc-aed9-6ed86c5b110f", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7244fd4a-7752-5cf8-a408-de9eb13510f4", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9affbc02-de78-5d46-ada9-0b01e317ae78", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec-xml 4.1.60.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67dbf310-a292-5617-bfbb-1c794bb3848a", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22fc1513-ae7e-59ef-946e-5a4bf6496633", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f7152d3-f34e-5ece-b4c2-a06319896637", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33dade35-325d-5166-bd84-36b82147fa53", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a293e39-36a8-5910-a148-25d6e094bb68", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b6b4a88-8522-5d72-91ac-8dbf32b070a4", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06f29ae2-601f-5794-963c-a07f4d2ec2f7", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8dda04b4-bf04-51b9-9bee-032f736ff6fb", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4f3a0c0-3efe-5036-90f6-422505cad046", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:414567e1-134b-520f-960c-649f7b66f5be", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78006829-dd68-5add-baca-3bbcc345b59d", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df3a9099-e951-543b-b85b-f7865302eff2", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.60.Final-tuxcare.1" } ] }