{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7f0c9dc1-fdee-5efd-b128-1c4be970b10e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec", "version": "4.1.63.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f715b75f-5db0-56f1-b140-ec9932307258", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38bfb48e-34f2-5968-ad3a-9f5e3c61537f", "id": "CVE-2021-37137", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37137 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae1e92a1-c324-54cd-befe-eaa5ca342672", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4359a024-bc07-5bb7-b278-6adcf367aaf2", "id": "CVE-2022-24823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24823 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9315e3d1-85c8-5669-8866-e1146c129738", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23fd1cdd-46f8-5870-8c93-a1e0349556e7", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ef4d978-fbe7-5c19-9096-afa46530ff33", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c606449a-e1ee-58bc-98ac-a96f8918e690", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b213990c-5abc-5240-93f4-96924f5de144", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec 4.1.63.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:303323a3-c024-55e8-b0c0-2619d1977ba1", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc5e4da3-0521-5c93-8f21-ad5cd0f2dbc9", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28f79f8c-010b-54a1-8111-162499066e28", "id": "CVE-2025-24970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24970 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29dc2122-2842-5a58-8faf-3d7916d45b23", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f94e70d9-761d-58c2-9272-5f41605d871e", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8dd35fb7-a0ef-5666-b347-22a7f7999137", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:894084f7-5bae-54c5-99c9-9c40f2eef7e8", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b144e2f-2f0e-5088-9298-79b4d7896b2f", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2859a9e4-f662-5fd2-9a4f-d12640d1bc3c", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:211f8aaf-014c-5249-b4e8-1df3eb7578c5", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db64c506-f544-550d-a5b5-811949b181af", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd459423-8451-527d-abea-6de143b7d210", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }