{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:916a960a-12a2-5c73-9ad5-9b9d5f3266da", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec", "version": "4.1.52.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:984f04d6-edc1-5cf2-b543-a37b3f063141", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:def2e8cc-eead-5fa1-abbe-5e1777fa1509", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74da1fa0-ed08-5635-a20e-2c827475176e", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54d8284e-6c1e-51d3-80f3-a280294b117a", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:826dbce8-f6c1-5b25-b7a6-fce260f2b928", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:639cb5dd-69e2-59fe-82b1-581cdf03f47e", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44b3b1ad-2424-5ea0-bff1-53abb184b312", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5cdbfe7-5fe6-5549-a476-de397edad4a7", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c518b27-a7fa-5788-b0a6-2dc3d5e9e1d8", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30d1cebc-ad4a-557c-b570-44370bbb2bde", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:318f9b2d-237a-5a92-9537-bc8a75c284dd", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec 4.1.52.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3bd98b65-ee82-548d-b554-6c94a29e3a9f", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:071017e7-b538-530c-9de7-8c39bc960d9b", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a9caa3c-5f06-5845-b856-ec1e498af64a", "id": "CVE-2025-24970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24970 affects version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df8a88db-58ac-563d-b643-4308cb662b83", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d320a099-5316-5a9f-8a36-7e84824dc7eb", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5f04283-8ce1-5000-91eb-301c2861a109", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41e0df86-cf6a-5371-8d54-fa14ab1f8358", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:004f0641-1f9d-5175-b635-253c6193d92d", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15927b0b-101b-59fb-9ce2-314a233fafec", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b49079e3-9964-5c8e-8eb6-c408e687454c", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3fe0dfc5-7063-5939-a668-958c6f3f0157", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5090be21-6199-5a04-880c-c88c4375dd5b", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.52.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.52.Final-tuxcare.1" } ] }