{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:86aae2d4-35d9-53ae-a9ff-05061e37994a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec", "version": "4.1.49.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:96ba0299-48c8-597e-8486-e4808b42a1d3", "id": "CVE-2021-21290", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21290 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de2dc4bb-b988-500c-90d7-313ca88a0493", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c2d1383-3ac9-51ee-a541-58e777060711", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93d064ce-93be-5281-a522-c02b0670f883", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b01407bb-4848-5b7d-bf2c-7c0cb3d06d36", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbbd5bbf-f418-5b31-9414-6c9a71f74a9a", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b63f8895-3326-5163-9f91-7b5530ced8d7", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ede839e4-7cce-5280-bb42-071dcd54d4d3", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25693a2c-9764-5393-a44e-b2adbd9660d2", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bca9aaa7-4619-5345-83e0-f429b12ff1c3", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d05d603f-a7d9-552a-8ac6-9e2a54eb4e86", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd9b1248-f786-577d-9164-3daec14cc901", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec 4.1.49.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18105514-6fbc-51a6-b859-fd901dd7ac0d", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f43f7e39-2c9f-56e7-9a1b-2ca9b52fb43d", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fd600e6-0eab-57f1-b0f5-e831bad55ddb", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14f5f5e3-bbaf-5e99-a926-e1d743e2d808", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1373832-9d17-53bf-8650-5c836e67b568", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8791a548-afc1-58d9-a6d8-3c4f9c95531f", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7f8d29a-336c-54ee-86b7-a245cff1bf4f", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65a0314c-fc48-5df8-b112-6bb561637737", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:457a1436-4697-5a47-96df-5a4b25b893eb", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7169e313-3f89-55af-929f-766b0101428b", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3182f79c-3ff5-5d6f-8e4a-38edac28e7b5", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21c6c772-f13c-5b42-aa25-cdf1b3549755", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }