{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0518d583-edcb-5f6b-ba8d-72c79e417746", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec", "version": "4.1.58.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a43cf60d-e1d3-5d1c-82c5-dbbbfffa1409", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3901a7c-d7fd-56c5-a7b4-77c6dd300cb7", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2ad54ab-1adc-56c9-bd91-62e13234e6ab", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd026d3f-d476-58e6-9948-1a0c515b5bb0", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6eca7a2e-e948-54ad-91e1-af49162f9908", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d862a35f-6bf3-5584-a6bf-808bc4a13559", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ebaabfad-fef8-5706-adc4-6a2aa3606754", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca814d7a-f298-5c44-a66c-421edbe24f9e", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d1203ff-e294-56b4-a7b2-084f619aab56", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a909a57-55b2-50c9-b71d-b8bb4ec65738", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdd672a6-d1cf-55b8-b5ec-52d1ee9b2b55", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec 4.1.58.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be0bbec8-f1b2-5605-8e1a-6f5fb2d1adcd", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c10cf715-a3c5-54d5-a687-7867b6f712fc", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69577bf6-f9b5-5660-90d3-d2b004cdd7b5", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69788fff-17ad-5a4e-b186-150747f4750c", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c7f10d1-9ec7-5208-9f3f-b043d44fb540", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28d8c7ad-86bc-5a8b-af7d-065887c08f85", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97733aed-1517-59d4-9cc1-72d2c52312cc", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9e0de97-9ba2-5142-a25d-e91c18f5661e", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51c2b8b2-7db0-5124-85f6-04e724b7dcf8", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ad84b4d-84ee-5438-9f12-c73cf41a6545", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83c07f3f-5342-5eac-9e9d-80fad4751298", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29801314-a899-5489-a822-918c9aea4ed7", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }