{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3fecad14-d65b-5bd7-9d3b-82f800b13a67", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec", "version": "4.1.60.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ee0ff02b-f4c6-5a3b-830c-e9231352cdfb", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b216890-1f8f-5f6a-9e48-2a2364050e96", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21691b14-346e-5069-8a67-74db71a59bd9", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6d4f62f-282b-5cbc-a117-c1c3a9e3321d", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5d4394b-6a3b-5323-b962-e3c2950de4f2", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a0a9e96-c0ff-50d2-abcf-bd775ad0fcdc", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61be2d5d-7aff-52d1-8b3d-84bea9541f62", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8dbed56e-e4f9-5437-ab42-e6880e2ad312", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf491b2d-9e82-5385-a67d-4890f9e21e12", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec 4.1.60.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eafaeff0-99d0-58e9-81ea-8c2be2b7fec9", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5243ea4-832a-5dc8-8509-6f4a01f92a26", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d92c1b5-d5a8-53ab-abef-aadbd37b1932", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb0fd0c6-123c-56fe-9d2b-9042b0e67c52", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f13d29ad-3456-56c3-8bbd-05fcbd78c55c", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:187b8e5e-d216-5584-aba8-0ad52297f2f9", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c1168c2-e3ad-5194-8c72-6435db876629", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c13fac6-37d0-516f-9a9f-a9571eadd8a3", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f309c028-d63f-50d6-9942-e1b081f5dcbc", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d407142b-d4dc-5de4-917c-4947fba2f219", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82b6e31c-2025-5dc8-bfd8-6bc48908cf16", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:022e659c-ed2a-5a77-908f-575514d58bb3", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.1" } ] }